HOME ALL STORIES LATEST NEWS COLUMNS OPINIONS GUEST VIEWS SHORT TAKES DATA WATCH SPECIAL REPORTS ZEICHICK'S TAKE SD TIMES 100 EDITORS' BLOG

IPHONE APP

RSS FEEDS

FACEBOOK

TWITTER

WHITE PAPERS SPONSORED PROFILES JOB BOARD WEBINAR CENTER FREE SOFTWARE BZ RESEARCH ALMSHAREPOINT EVENTS CALENDAR PRINT/PDF EDITION PRINT/PDF BACK ISSUES

SUBSCRIBE TODAY CUSTOMER SERVICE EDITORIAL CALENDAR EDITORIAL BEATS GUEST VIEW GUIDE SD TIMES 100 GUIDE EVENTS CALENDAR ADVERTISING ARTICLE REPRINTS REPORT A BUG SITE MAP

ABOUT US BZ MEDIA NEWS BZ RESEARCH SYSMANNEWS SPTECHCON ESDC IPHONEDEVCON PRIVACY POLICY CONTACT US

Printable version

HOME >> LATEST NEWS

Most Read Latest News Blog Resources

CouchDB brings peer-based data replication
This NoSQL database is now production ready for developers who want to spread data out wit...

Experts: UML is active, but the buzz is lost
Since widespread acceptance, there is little enthusiasm around the language even ahead of ...

Compuware intros new GUI for mainframe tools
Beyond the GUI are plug-ins for data and debugging tools, as well as an OEM edition of Sli...

Black Hat conference fields suggestions for software security
Attendees give a wide variety of ideas about the subject, with Rex Black adding in some of...

Experts: UML is active, but the buzz is lost
Since widespread acceptance, there is little enthusiasm around the language even ahead of ...

SmartBear’s TestComplete 8.0 targets beginners
Product is the first to be released under post-merger SmartBear; it also includes tools fo...

Compuware intros new GUI for mainframe tools
Beyond the GUI are plug-ins for data and debugging tools, as well as an OEM edition of Sli...

Black Hat conference fields suggestions for software security
Attendees give a wide variety of ideas about the subject, with Rex Black adding in some of...

Like Ruby n' Rails
Programming languages and Web frameworks go together like peas n carrots. Or Ruby n' Rails.

Adobe buys a Web-based IDE
Adobe looks to buy a rapid and agile Web development environment.

OpenStack opens up
OpenStack looks to be an intriguing new idea for running clouds.

Cloud lock-in?
WSO2 has published a cloud "lock-in" warning list.

You Can Control Open Source in Your Development Organization How many of these statements do you agree with?

1. Open source software is...

The Role of Imaging in e-Discovery Discovery – researching company documents to find evidence for a lawsuit or potential laws...

A resource to help you face software licensing and entitlement challenges Today's software licensing landscape can be challenging for your organization to manage. I...

Ready to collaborate? Learn what you need to succeed. When it comes to meeting software development deadlines, quality objective, corporate goal...

Technorati

Digg

Slashdot

Facebook

Friendfeed

Twitter

del.icio.us

GET THE APP!

PCI: The Standard for Credit Data Safety

By Jennifer deJong

March 1, 2007 — In September 2006, American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa International jointly announced the formation of the PCI Security Standards Council.

Made up of companies that issue credit cards, the council was established to manage ongoing evolution of the PCI standard, earlier managed informally. The council’s mission is to improve payment account security by fostering broad adoption of the PCI Data Security Standard. The standard specifies processes and precautions for handling, processing, storing and transmitting credit card data across all payment channels, including retail stores, mail order and e-commerce.

Released in September 2006, PCI Data Security Standard 1.1 outlines 12 broad-based requirements, grouped under six categories. Many address network security and access control issues. But requirement 11—to regularly test security systems and processes—also deals with application security concerns.

It specifies, among other things, that Web applications are subjected to quarterly vulnerability scans performed by an outside vendor qualified by PCI. (ScanAlert is one such vendor; Qualys is another.) Requirement 11 also mandates application-layer penetration tests at least once a year, and after any significant application or modification.

Failure to meet the PCI Data Security Standard 1.1 by June 2007 could result in a fine as high as US$500,000, and could also bar a business from processing credit card transactions. Penalties can vary from one credit card company to another.

Share this link: http://www.sdtimes.com/link/30267

Aster Data expands SQL for map/reduce Company releases a thousand new query-building blocks so businesspeople can unlock map/reduce for unstructured data

Future of data analysis lies in tools for humans, not automatic systems Upcoming technologies like text mining are designed to make engineers more productive, not do their jobs for them

Zeichick’s Take: Can you trust the integrity of your data? A new type of electrical meter raises questions on how much control you have over the data in your own home

Add comment

Name*
Email*
Country

Comment
Preview

News on Monday
more>>
SharePoint Tech Report
more>>

Download Current Issue
ISSUE 8/1/2010 PDF

Need Back Issues?
DOWNLOAD HERE

Receive the print Edition?

Like Ruby n' Rails
Programming languages and Web frameworks go together like peas n carrots. Or Ruby n' Rails.
07/30/2010 04:36 PM EST

Adobe buys a Web-based IDE
Adobe looks to buy a rapid and agile Web development environment.
07/28/2010 03:49 PM EST

OpenStack opens up
OpenStack looks to be an intriguing new idea for running clouds.
07/28/2010 01:56 PM EST

8/1/2010 to 8/5/2010
Boston
SHARE

VSLive

8/2/2010 to 8/6/2010
Redmond, Wash.
1105 Media

Agile 2010

8/9/2010 to 8/13/2010
Orlando
Agile Alliance

Delphi Live

8/23/2010 to 8/26/2010
San Jose
S&S Media

VMworld

8/30/2010 to 9/2/2010
San Francisco
VMware

Please hold here to Drag the window

Close [x]

Subscribe today and you'll receive 24 free issues of SD Times!

Dear Software Professional,

I’d like to invite you to subscribe to SD Times, the newspaper of the software development industry. The newspaper is free, and it will only take a moment to subscribe!

SD Times covers the fast-paced world of software and application development. The twice-monthly newspaper helps software architects, project leaders, analysts and development managers make the proper decisions about products, methodologies and practices that can affect their development teams and efforts.

Each year, we offer only a limited number of complimentary subscriptions to software development professionals!

It only takes moment to sign up. Don't delay, subscribe today!

Sincerely,

David Lyman
Publisher
SD Times

GET THE APP!

PCI: The Standard for Credit Data Safety

By Jennifer deJong

Related Articles

Add comment