by Michael Hopewell, Managing Information Security Consultant. Introduction Many businesses have heard about Point to Point Encryption (P2PE). Point of Sale vendors, service providers and others often mention its benefits to businesses: P2PE can reduce risk to payment card data by rendering it unreadable, minimise the number of systems and networks in scope for […]
The 25th of May has come and gone. While many organisations were proactive in their preparations for aligning themselves with the GDPR, sadly many of your customers may still be the dark about the GDPR and what it means for them. The effects of the GDPR are coming, but should they still be worried? […]
On the 17th May 2018, the PCI SSC published the latest version of the PCI Data Security Standard: the PCI DSS v3.2.1. In this article we look at the changes that have been included in the updated Standard. These are also discussed in the PCI SSC’s summary of changes document. A new standard? This […]
Over the last few months, the PCI SSC has published a set of documents to establish a new program for the specification, testing, evaluation and PCI SSC listing of Software-based PIN entry on Commercial Off The Shelf devices (COTS) Solutions. Solutions also known as SPoC. The PCI DSS developed this new PCI Security Standard […]
‘PIN on Glass’ is a catchy phrase that the payments industry and solution vendors have been bandying about as the next big thing for payment card processing: point of sale solutions that will allow merchants to accept card payments using just their mobile device and with no need to purchase expensive hardware. This is […]
The VENOM Vulnerability, a recently discovered critical flaw in the QEMU’s virtual Floppy Disk Controller (FDC) affects numerous virtualisation platforms and appliances such as Xen, KVM, and the native QEMU. As far as we know, to date, it does not impact VMware, Microsoft Hyper-V, and the Bochs hypervisors. The bug’s name is an acronym […]
by Anne Wood, Managing Information Security Consultant When we work with clients tackling compliance for the first time, we generally find one of two scenarios. In the first, organisations have a comprehensive suite of documents but lack in operational processes. In the second, we see a reasonable level of operational process but a lack of […]
Scan anyone, anytime, anywhere, easy. Read more about Sysnet Scanning Services
Natasja Bolton, Consulting Manager Founded in December 2004 by 5 major card brands – Visa, Mastercard, American Express, Discover and JCB. The Payment Card Industry Data Security Standard or PCI DSS for short is a compliance standard that defines data security requirements relating to the processing, storage or transmission of cardholder data. In 2006, the card […]
