The typical utilities project execution plan begins by attempting to deliver against the strategic objectives outlined below:
Continue reading >>>
When it comes to protected information security under PCI DSS, consistent purview over log data is the guidance. But it’s known that this objective is not as easy as it sounds. Organizations managing PCI data are supposed to review log data and periodically schedule an assessment to be completed by an outside party. However with today’s economy, and so much being asked of IT staff, I wonder if periodic review of sensitive data risk controls to comply with PCI DSS is adequate.
Continue Reading >>>
Organizations must track and monitor all access to cardholder data and related network resources – in stores, regional offices, headquarters, and other remote access.
Yes, it is well documented that the three (3) tenets for adhering to PCI DSS 2.0 are as follows: