March 09, 2007

A Scan May Get You PCI Compliance, Not Security

Mike Rothman, in yesterday's Daily Incite, made a good point in his comments on a piece about PCI compliance that Joel Dubin wrote for SearchSecurity.com.

Dubin did a good job capsulizing PCI, but spent the latter part focused just on the network scan and self-assessment. The reality is, as Mike pointed out, neither of these will necessarily improve your security.

At a minimum, regardless of your level, make a commitment to meet or exceed the standards in the auditor's document for PCI DSS.

As Mike says, and I agree wholeheartedly, if you adopt effective information security processes, you'll have no problem with PCI or any other compliance mandate.
