Collaborate Disseminate
I have a question related to this FAQ:
https://pcissc.secure.force.com/faq/articles/Frequently_Asked_Question/How-does-encrypted-cardholder-data-impact-PCI-DSS-scope?q=how+does+encrypted+data+impact+the+scope&l=en_US&fs=Search&… Continue reading PCI scope "Encrypted cardholder data that is accessible to an entity that also has access to the decryption key"
Entrust announced a definitive agreement to acquire Antelop Solutions, a financial technology company that enables financial institutions to issue secure digital credit and debit cards to their customers. Combining Antelop’s solutions with the Entrust … Continue reading Entrust acquires Antelop Solutions to empower digital financial card issuance
I read PCI DSS, and it’s not very clear in which contexts you can have the PAN in cleartext. One could think in no context, but that is impossible. You need it in clear text of course to print it physically in the card. They say "only… Continue reading How does a card issuer comply with PCI if they have to print PANs in clear text?
Fivetran announced the addition of a new product tier that offers a set of key security-related features for enterprises: Fivetran Business Critical. Building on its ability to fully manage data pipelines, Fivetran now offers enterprises the highest le… Continue reading Fivetran Business Critical delivers enterprise-grade security to address sensitive data requirements
Data from SonicWall’s 2021 Cyber Threat Report showed more ransomware attacks in the first half of 2021 than in all of 2020. Much of the recent conversation around ransomware (fueled by attacks like the Colonial Pipeline and Kaseya) has focused on prev… Continue reading Three reasons why ransomware recovery requires packet data
While adoption of container architectures and microservices continues at an impressive pace, maintaining automated and proactive security and compliance is a particularly acute challenge for respondents, a NeuVector survey of more than 1,200 enterprise… Continue reading Security and compliance still a challenge for container architectures
The mega-trend towards hybrid working and cloud migration seems unstoppable. But customer service organizations could find their wheels come off if they fail to address a hazardous twist in the transformation journey. For many businesses, switching to … Continue reading Things that are easy to miss in the race towards hybrid working and the cloud
Question
Would using a firewall MITM capability to inspect all HTTPS web requests be against PCI compliance/rules?
Further Info
We have an issue where we need to allow access to some HTTPS sites on hosts that are in the PCI zone. The optio… Continue reading PCI DSS Compliance and Firewalling Dynamic Hosts with MITM Certificates
Digital Guardian announced the availability of its endpoint DLP visibility and security controls for Microsoft Teams. This integration provides DLP to further protect sensitive data given the growing use of Teams in the hybrid work environment. “With D… Continue reading Digital Guardian DLP for Microsoft Teams reduces the risk of sensitive data loss
Introduction Online shopping digital payment transactions may seem quite simple, but in reality, just one single transaction sets off multiple, long-chain reactions. The Payment Card Industry comprises debit cards, credit cards, prepaid, e-purse/e-wall… Continue reading Payment Security: Understanding the Four Corner Model