Spend a little time working through PCI DSS and you quickly realize that much of the focus is on understanding and reducing risk. This often means efforting to keep sensitive info on a need-to-know. Here are just a few ways you can improve your Linux security:
Posts Tagged ‘pci’
Upcoming PCI Changes
There is much hype around what the changes will be incorporated into this years’ revision. Much has changed since that update, including increased virtualization and cloud implementations, so the hope is that these technologies will not only get addressed, but get the fair amount of attention that they deserve.
Here are some of the topics that I expect to be announced with the upcoming release:
How to Get PCI Compliance to Comply With Your Budget
Back in the late 1990’s when the Web was just starting to gain widespread adoption, there was a great deal of distrust in putting sensitive information online. Clearly we are in a different era of risk tolerance today with people voluntarily posting all kinds of private information online via Facebook, LinkedIn, Twitter and other social media sites. The current environment is one in which e-commerce sites are flourishing and more and more personal information (medical, financial, etc.) is available securely through the Web. The trend is only going to continue, and that is fantastic news for entrepreneurs with a passion for technology. There is a ton of opportunity for enterprising individuals to start their own ventures like e-commerce sites or Software as a Service (SaaS) firms that deal with personal health or financial data. The rub is compliance and the costs associated…
Compliance and Security – Is there a difference?
I think so. Many articles and blog posts have been written on compliance and security. Some argue that compliance and security are the same while others argue the opposite. Some people feel that compliance can weaken security.
My take is…
Data Security Fundamentals
We often talk about system or network security and best practices for those types of technologies. Obviously, they are important; otherwise we wouldn’t talk about them. But, all in all, what are we protecting with those types of technology? That’s right, the data. Too often, we spend a lot of time on building a big perimeter wall, and not enough time putting a lock on the filing cabinet.
Data security is very important, and needs the attention that other forms of security get. Here are some basic fundamentals in Data Security:
