Home > Myth 2: PCI will make us secure
Top 5 Myths:
EMAIL THIS

Myth 2: PCI will make us secure

13 Aug 2007 | SearchSecurityChannel.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

By John Kindervag

Myth No. 2 is a follow up to Myth No. 1. Once your client is PCI compliant, they may become complacent, thinking that they are unhackable. Again, PCI is designed to be good, basic, baseline security. It's meant to deter the lazy attacker. It's designed to watch the internal user. Like all security, diligence is required. The PCI audit or assessment you conduct is a snapshot in time. But as time passes, it's easy to move out of compliance or become less secure in some way. The purpose of PCI from a corporate perspective is to meet the "safe harbor" needs of the PCI standard and thereby mitigate the follow on risk associated with a breach. PCI compliance is a continual process -- a great foundation to create information security awareness and build an increasingly strong fortress around an organization's sensitive data.


Five myths of PCI compliance

  Introduction to the myths of PCI compliance
  Myth 1: PCI is hard
  Myth 2: PCI will make us secure
  Myth 3: Encryption is scary
  Myth 4: "I don't take enough credit cards…"
  Myth 5: Product X will make me compliant
About the author
John Kindervag is a 20-year veteran of the high-technology world. He is the senior security architect for Vigilar Inc., where he helps corporations design secure networks and manages Vigilar's Vulnerability Assessment and Compliance Practice. Kindervag holds a Bachelor of Arts degree in Communications from the University of Iowa.

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Regulatory Compliance
Red Flags Rules compliance: Are your customers informed?
PCI compliance guide: A resource for solution providers
PCI DSS pre-assessment services: Prelude to a QSA
The impact of PCI compliance on the channel
Compliance drives opportunities for security integrators
How to turn the HIPAA compliance changes into opportunities
Data protection services offer revenue for security solution providers
Agiliance and McAfee partner for better governance, risk and compliance services
SonicWall announces partnership with Western NRG
Building a framework-based compliance program

PCI DSS compliance
Web application security best practices: Tips on implementation
Application security expertise a plus when offering WAF services
PCI wireless guidelines translate to dollars for VARs
PCI compliance guide: A resource for solution providers
PCI DSS pre-assessment services: Prelude to a QSA
The impact of PCI compliance on the channel
The importance of PCI compliance
PCI compliance services FAQ
Channel Checklist: Top five PCI compliance mistakes and how to avoid them
PCI compliance: Web application firewall vs. code review

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


HomeNewsTopicsITKnowledge ExchangeTipsMultimediaWhite PapersBlogsEvents
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2006 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts