New PCI SSC Scoping & Segmentation Guidance: what does it mean?
Blog, Fact Sheets, Uncategorized, Whitepapers

New PCI SSC Scoping & Segmentation Guidance: what does it mean?

By Natasja Bolton, Senior Acquirer Support QSA   Since the earliest iterations of the PCI DSS, the standard has included the requirement for scoping and has referenced network segmentation as a method of reducing the scope, cost and difficulty of a PCI DSS assessment. For just as long organisations, QSAs and ISAs have been seeking further guidance […]

SHA-1 - the PCI Council’s views revealed
Blog, Uncategorized

SHA-1 – the PCI Council’s views revealed

By Natasja Bolton, Acquirer Support Manager   Back in June, Sysnet reported on SHA-1 based certificates and why support was ceasing. In that article we also examined the potential impact on ecommerce businesses. Recently, the PCI Security Standards Council (PCI SSC) has released their own guidance on SHA-1 in the form of a Frequently Asked Questions […]

Sysnet contributes to industry initiative - Helping small businesses protect against cybercrime
News, Uncategorised

Sysnet contributes to industry initiative – Helping small businesses protect against cybercrime

The Payment Card Industry (PCI) Small Merchant Taskforce was formed by the PCI Security Standards Council (SSC) to address the needs of the small merchant market segment by providing simple guidance on protecting payment card data against theft. As a member of the PCI Small Merchant Taskforce. Natasja Bolton, Senior Acquirer Support QSA at Sysnet […]

PCI Council extends date for migration from vulnerable encryption protocols
Blog

PCI Council extends date for migration from vulnerable encryption protocols

Following significant feedback from the global PCI community and security experts, the PCI Security Standards Council (PCI SSC) has extended the migration completion date for transitioning from SSL and TLS 1.0 to a secure version of TLS (currently v1.1 or higher) to 30 June 2018.   This change gives organisations struggling to move away from […]

A guide to ecommerce SAQs
Articles, Blog, Client Resources, Whitepapers

A guide to ecommerce SAQs

by Natasja Bolton, Acquirer Support Manager Most small and medium-sized merchants rely on an online compliance portal, such as our Sysnet.air solution, to determine the appropriate SAQ for their PCI DSS self-assessment. SAQ determination is based on the merchant’s completion of a series of questions on their  payment channels and payment processing methods.   For many merchants […]

PCI DSS v3.0 compliance: A closer look at Requirement 9.9 – Payment Terminal Protection
Articles, Blog, Whitepapers

PCI DSS v3.0 compliance: A closer look at Requirement 9.9 – Payment Terminal Protection

Though EMV Chip technology (chip and pin) has been effective in decreasing card fraud, criminals are increasingly using new methods to compromise data. From July 1st 2015, requirement 9.9 will be enforced by the Payment Card Industry Security Standards Council (PCI SSC). This requirement will ensure that merchants have controls and countermeasures in place to […]

What is PCI DSS?
Blog, Risk & Assurance, Whitepapers

What is PCI DSS?

Natasja Bolton, Consulting Manager   Founded in December 2004 by 5 major card brands – Visa, MasterCard, American Express, Discover and JCB. The Payment Card Industry Data Security Standard or PCI DSS for short is a compliance standard that defines data security requirements relating to the processing, storage or transmission of cardholder data.   In 2006, the card […]