PCI AND COMPLIANCE Articles

Confidential data: Delete it or eat it, say security experts

Hoarding sensitive information is easy and inexpensive, but as the collected information grows, so do the risks

» full story

PHI security demands leave life coach feeling doomed

Thriveworks CEO says technology hasn't kept pace with laws demanding eternal security of digital data.

» full story

Compliance isn't security, but companies still pretend it is, according to survey

According to the 2012 "HIMSS Analytics Report: Security of Patient Data," increasingly strict regulation and increased compliance from providers haven't slowed an increase in breaches over the past six years.

» full story

Law firms see big money in healthcare breach cases

Attorneys filing the complaints and defending their targets agree that they are in untested legal waters. Filing privacy breach cases as class actions is new, and all those involved say new legal precedents will be made in the next several years.

» full story

Report: PHI security is MIA

According to "Breach Report 2011: Protected Health Information" by the IT security firm Redspin, 19 million patient health records were breached last year, a 97-percent increase from 2010.

» full story

Amid breach fallout, Global Payments struggles with public message

The breached credit card processor assured investors that the damage has been contained and its security procedures worked. But for nervous card holders with additional questions, a basic website statement will have to do.

» full story

The PCI effect -- for better or worse -- following Global Payments breach

As many as 10 million users of VISA and MasterCard may have had their card numbers compromised in what sources in the financial sector are calling a "massive" breach of a U.S.-based credit card processor.

» full story

Debriefing: Laws and orders (the quiz)

A short history of justice and red tape

» full story

12 tips for implementing GRC

GRC technology can provide an organization with critical information necessary in a regulatory-driven business world. But before even looking at GRC tools, consider these tips for successful investment and implementation

» full story

Industry on Cybersecurity Act of 2012: Not so fast

Security experts fear the Cybersecurity Act of 2012 will cement a "culture of compliance"

» full story

1 2 3 4 5 »

PCI AND COMPLIANCE ESSENTIAL READING

How to efficiently manage security compliance with PCI DSS and other laws and regulations

Cloud Service Brokerage & API management
In this white board video Intel Product Manager Blake Dournaee, visually sketches out 3 emerging use cases for a Service Gateway.
Service Gateway Cloud API Security Animated Tutorial
Video tutorial that introduces concepts, benefits, and flows for network edge web service security and API control.
Service Gateway Animated Overview Video
Services based architectures have forever changed the way applications are built and delivered by dynamically linking distributed web services on the fly through APIs.
Meet the Cloud API with Forrester Research
Management of Cloud APIs presents a challenge and tremendous business opportunity that some are calling "the single biggest growth area for cloud computing." In this session, Forrester Research will decompose the API's role in cloud application control & security and show it opens new doors to connect smart-phone applications, browsers, middleware, legacy apps and just about anything that can talk HTTP.
New PCI Tokenization Guidelines with QSA Expert
With the August 2011 PCI Standards Council update, internal tokenization has clearly gained momentum as the lowest impact solution that large merchants can implement to achieve PCI compliance for stored cardholder data.
Tokenization Demo
This technical demo showcases tokenization of PAN data from an inbound invoice document. We will present a sample deployment diagram to show where tokenization broker fits into the back end application infrastructure. Different tokenization policy controls available within the product will be demonstrated.

» View All PCI and Compliance Webcasts

PCI and Compliance White Papers

Security Gateway Buyer's Guide
This buyer's guide, written by independent industry security expert, Gunnar Peterson, will provide the analysis and decision support that will enable you to make an informed choice. Learn about Security Gateway architectural capabilities and common business use cases where they are deployed.
Tokenization Buyer's Guide
PCI DSS expert and QSA Walter Conway takes you on a deep dive tour of tokenization techniques and their merits. He also demystifies tokenization by discussing use cases, comparing tokenization vs. encryption and providing various alternatives for implementing tokenization.
Reducing PCI DSS Scope: The Gateway Approach
This White Paper discusses how you can generate tokens that replace credit card numbers with surrogates, removing systems from PCI DSS "Scope" -- which include any network components that are the primary focus of PCI DSS regulation, compliance and assessment.
Want to Make Compliance Easy? Get Proactive!
Is your business reactively implementing compliance? If so, you're wasting time and money and destroying productivity. Get proactive! In this Quest white paper, see how centralized monitoring and reporting is more secure, saves money and helps you adapt and manage compliance needs today and tomorrow.
Effectively Manage IT Compliance
IT compliance is mandatory for your business - but it doesn't have to be difficult, and when properly controlled is a boon for your company. In this four-part eBook, see how the many parts of IT compliance can be effectively managed throughout the business. Get it today.
Effectively Manage IT Compliance
IT compliance is mandatory for your business - but it doesn't have to be difficult, and when properly controlled is a boon for your company. In this four-part eBook, see how the many parts of IT compliance can be effectively managed throughout the business. Get it today.