
Thread: The State of PCI Compliance

  1. #1
    tonybradley, AO Security for Non-Geeks
    Join Date
    Aug 2002

    The State of PCI Compliance

    As Director of Security for Evangelyze Communications, my primary focus is on the security implications of VoIP and unified communications and helping our customers to understand the risks and implement effective security controls to protect their unified communications infrastructure. Another aspect of that security, however, is the issue of compliance. Organizations fall under a variety of regulatory mandates and industry guidelines, and those compliance requirements often overlap into monitoring and retaining communications data.

    Organizations need to be familiar with the mandates they are obligated to follow, whether it is SOX (Sarbanes-Oxley), HIPAA (Health Insurance Portability and Accountability Act), GLBA (Gramm-Leach-Bliley Act), PCI DSS (Payment Card Industry Data Security Standard), or others. Some organizations must comply with two or more of these depending on the industry they are in and the types of business they engage in. To achieve and maintain compliance, organizations need to understand what the requirements are for compliance regarding their communications. As it relates to unified communications, organizations have to grasp the implications of the converged communications channels. With instant messaging conversations archived in Outlook, and voicemail messages sent as file attachments via email, and email being able to be read over the phone by Microsoft Exchange using Outlook Voice Access, the lines are blurred between the types of communication and organizations have to be aware of this and put the appropriate controls in place to be compliant.

    PCI Compliance has been a particular focus of mine. I was the lead author and tech editor of PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance published by Syngress in 2007. Dr. Anton Chuvakin and I are co-authoring a 2nd edition of the book to be published later this year which will contain updated information related to revisions in the PCI DSS guidelines themselves as well as reflecting new information regarding the various breaches and issues that have occurred over the past couple of years. It will also have more real-world case studies and how-to guidance to provide more actionable material for the reader rather than just a theoretical description of the PCI DSS guidelines.

    This week I was the guest on a podcast recorded for titled 'The State of PCI Compliance'. You can listen to the streaming audio by clicking here.

    Last edited by nihil; March 19th, 2009 at 11:51 AM. Reason: Link removed

  2. #2
    Junior Member
    Join Date
    Aug 2016
    Quote: Originally Posted by blgauusasda5772
    Aah, there it is. Down in black and white. They really should have that mentioned in the LCD.
    but they don't.. then how can they mention in LCD

  3. #3
    Junior Member
    Join Date
    Sep 2017
    I was the lead author and tech editor of PCI Compliance

  4. #4
    rlirpa, Super Moderator
    Join Date
    Feb 2014
    MD, US
    Quote: Originally Posted by luumanh123
    I was the lead author and tech editor of PCI Compliance
    Morning Tony.
