Trying to comply with the Payment Card Industry Data Security Standard can be intimidating because it is a highly prescriptive, broad-reaching set of requirements, potentially including all of your information systems in its scope.
Although the PCI Security Standards Council defines and builds the global PCI DSS, each card brand — Visa, MasterCard, Discover, American Express, JCB International — enforces it via its compliance program and dictates the validation steps and documentation required to show compliance. Even though you obtain “PCI compliance” by passing a PCI audit and filing the required paperwork, each brand maintains its own tracking, penalties, fees, rewards and acceptance process for compliance filings.
Generally, if you store, process or transmit cardholder data — such as a primary account number — from any brand, you must comply with PCI DSS and the brand’s compliance program. This includes merchants, banks and service providers from all industries, including bricks-and-mortar retailers with point-of-sale terminals, mail order/telephone order merchants, payment gateways, transaction processors and credit-reporting services. Brand-specific documentation requirements and compliance levels may be found on each brand’s Web site.
The PCI DSS requirements apply to all system components, which are defined as “any network component, server or application that is included in or connected to the cardholder data environment.”
The DSS specifies which cardholder data must be protected if stored, and which cardholder data is not allowed to be stored at all once the card has been authorized, such as the card validation value or code, the PIN or PIN block, and the full magnetic stripe.
Storage of the primary account number, cardholder name, service code and expiration date is allowed if that data is sufficiently protected as specified in the DSS. However, you should carefully consider whether you need to store cardholder data at all. You shouldn’t store cardholder data you don’t absolutely need to conduct business and process transactions; further, you should store it only for as long as you need it.
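As an added example (not part of the original article), the Python below scans stored text such as log lines for full magnetic-stripe data, which may not be kept once the card has been authorized, and for bare primary account numbers, which may be kept only if protected. The track layouts follow ISO/IEC 7813; the function names, record key names and sample lines are assumptions constructed for this illustration.

```python
import re

PROHIBITED = "prohibited after authorization"
PROTECT = "allowed only if protected"

# Magnetic-stripe layouts per ISO/IEC 7813: PAN, expiry (YYMM), service code.
TRACK1 = re.compile(r"%B(\d{13,19})\^[^^]{2,26}\^\d{4}\d{3}[^?]*\?")
TRACK2 = re.compile(r";(\d{13,19})=\d{4}\d{3}\d*\?")
PAN = re.compile(r"(?<!\d)\d{13,19}(?!\d)")
# Hypothetical key names for card validation code, PIN and track data.
BANNED_KEYS = {"cvv", "cvc", "cvv2", "pin", "pin_block", "track1", "track2"}

def luhn_ok(digits):
    """Luhn checksum, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def scan_line(line):
    """Return (kind, verdict) findings for one line of stored text."""
    findings = []
    for kind, rx in (("track1", TRACK1), ("track2", TRACK2)):
        for m in rx.finditer(line):
            if luhn_ok(m.group(1)):
                findings.append((kind, PROHIBITED))
    # Blank out track data so its embedded PAN is not reported twice.
    rest = TRACK2.sub(" ", TRACK1.sub(" ", line))
    for m in PAN.finditer(rest):
        if luhn_ok(m.group(0)):
            findings.append(("pan", PROTECT))
    return findings

def banned_fields(record):
    """Names of populated record fields that must not be stored."""
    return sorted(k for k, v in record.items() if k.lower() in BANNED_KEYS and v)

# Constructed sample lines using the well-known test number 4111111111111111.
SAMPLES = [
    "swipe raw=;4111111111111111=30121010000000000000?",
    "swipe raw=%B4111111111111111^DOE/JANE^30121010000000000?",
    "auth ok pan=4111111111111111 exp=3012",
    "order 1001 ref=1234567890123456",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(scan_line(line), "<-", line)
```

A three- or four-digit validation code cannot be recognized reliably in free text, which is why it is checked by field name in structured records rather than by pattern.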