Resources for Payment Card Industry (PCI)

A tale of two PCI security audits

www.itworld.com

Ask security professionals what the most painful part of PCI security compliance is and most will start grousing about the auditors. Some will describe the auditor who came in and started faulting their controls without first taking time to understand the specific business dynamics the controls were designed to address. Others will lament that their auditor required them to buy an expensive new appliance from a specific vendor to attain a passing compliance grade. Robert Duran and Allan Kintigh have endured the auditing process, but one man's experience was more unpleasant than the other's. Nevertheless, each has come away from it with a solid security program.

View the Resource

Share or bookmarklet this web page at: