
The WiKID Blog

Viewing posts tagged Information Security

The Great PCI Debate from Shmoocon

I really enjoyed the PCI debate at Shmoocon, but probably because it was more circus than it should have been. (Here's another summary from Anton Chuvakin.) The pertinent points I came away with were:

SANS Institute Critical Controls

The SANS Institute has released their "Twenty Critical Security Controls for Effective Cyber Defense: Consensus Audit Guidelines". Note that two-factor authentication is listed under boundary controls:

Re-Designing PCI

I'm by no means a PCI expert, but I find the area of great interest and not just because it gets companies buying two-factor authentication systems (and current customers to update ;). It is a fascinating market to analyze.

Marcus Ranum on Gartner on Two-factor Authentication

Here's a great post by Marcus Ranum on Gartner's recent pronouncements about two-factor authentication:

Agency problems in the PCI world?

If you are a PCI QSA or a PCI merchant or processor, you might enjoy this article about the relationship between the QSA and the client. The entire PCI ecosystem is quite fascinating. There's definitely potential for an agency issue in that QSAs are paid by their clients to enforce the PCI Council's regulations.
