March 09, 2007

A Scan May Get You PCI Compliance, Not Security

Mike Rothman, in yesterday's Daily Incite, made a good point in his comments related to a piece on PCI Compliance Joel Dubin wrote for SearchSecurity.com.

Dubin did a good job capsulizing PCI, but spent the latter part focused just on the network scan and self-assessment. The reality is, as Mike pointed out, neither of these will necessarily improve your security.

At a minimum, regardless of your level, make a commitment to meet or exceed the standards in the auditor's document for PCI DSS.

As Mike says, and I agree wholeheartedly, if you adopt effective information security processes, you'll have no problem with PCI or any other compliance mandate.
