Lessons Learned: Top Reasons for PCI Audit Failure and How to Avoid Them

Microsoft FDCC Webcast Series: Do It Right: Log in as Normal User

Download

FDCC requires that the typical user run as Normal User whenever possible; without this, a managed environment is practically impossible. For organizations that have given Local Administrator rights to their...

• Publisher:
• Microsoft

• Tags:
• security standards

Gartner Report: Magic Quadrant for Secure Web Gateway, 2007

Download

Interested in what analyst firm Gartner has to say about Blue Coat Secure Web Gateway solutions? Read its "Magic Quadrant for Secure Web Gateway, 2007" report to find out....

• Publisher:
• Blue Coat Systems

• Tags:
• security standards,
• gateway,
• filtering,
• form

Diffie-Hellman Key Exchange -- A Non-Mathematician's Explanation

Download

The Diffie-Hellman algorithm is one of the most common protocols used in networking today. An understanding of its underlying protocols and processes helps a great deal when trouble-shooting a system....

• Publisher:
• Global Knowledge

• Tags:
• security standards,
• protocols,
• deal,
• algorithm

Segregation of Duties in the Real World: Risk-Based SoD Management With Continuous Monitoring Lowers Compliance Costs

Download

Segregation of duties in the real world demands top-down management that eliminates financial risk without adding overhead costs or extinguishing ERP-fueled efficiency gains of the last decade. Fortunately, auditors and...

• Publisher:
• Oversight Systems

• Tags:
• security standards

Encryption Essential to Meet Information Security and Compliance Initiatives

Download

California's unique notice of security breach act (frequently called "S.B. 1386") and the Gramm-Leach-Bliley Act of 1999 (also known as "The Financial Services Modernization Act") are two major laws that...

• Publisher:
• PC Guardian Technologies

• Tags:
• security standards,
• act,
• sarbanes oxley,
• health

Lessons Learned: Top Reasons for PCI Audit Failure and How to Avoid Them

Download

Since Visa mandated the Cardholder Information Security Program (CISP) in June 2001 and MasterCard International introduced its Site Data Protection (SDP) program in June 2004, many merchants, processors, and acquiring...

• Publisher:
• VeriSign

• Tags:
• security standards

Online Payment Processing: What You Need To Know

Download

Not only does operating an online store allow customers to shop 24 hours a day, 7 days a week, but also it gives you a chance to increase revenue and...

• Publisher:
• VeriSign

• Tags:
• e-fulfillment,
• processing,
• benefit,
• payments

VeriSign Shared Service Provider (SSP) Certification Practice Statement

Download

The US Government has identified the need for Shared Service Providers (SSP) to provide Public Key Infrastructure (PKI) services for Federal employees, contractors and other affiliated individuals requiring PKI credentials...

• Publisher:
• VeriSign

• Tags:
• pki,
• policy,
• federal,
• practices

VeriSign Trust Network Certificate Policies: Version 2.4

Download

The VeriSign Trust Network (VTN) is a global PKI that accommodates a large, public, and widely distributed community of users with diverse needs for communications and information security. VeriSign offers...

• Publisher:
• VeriSign

• Tags:
• network security,
• trust,
• distributed,
• policy

VeriSign Certification Practice Statement: Version 3.4

Download

This paper is the VeriSign Certification Practice Statement ("CPS"). It states the practices that VeriSign Certification Authorities ("CAs") employ in providing certification services that include, but are not limited to,...

• Publisher:
• VeriSign

• Tags:
• pki,
• certification,
• verisign,
• practices

MasterCard scandal: More details emerge

Visa and MasterCard were also contacted, the company said. About 22 million of those are Visa cards and 13.9 million are MasterCard, the companies have said. The probe also found that the Atlanta-based payment processor did not meet MasterCard's...

• Channel:
• Security Strategy
• Tags:
• data breach,
• breach,
• mastercard

Massive ID theft ring still operating

Instead, Sunbelt has sent a list of customers that have been affected to credit card providers Mastercard and Visa, as well as online auction site eBay and its internet payment system PayPal. It is currently working on sending a similar list to...

• Channel:
• Security Strategy
• Tags:
• keylogger,
• ring,
• identity theft,
• id theft

Many UK retailers won't make smart card deadline

The deadline for converting UK shops to smart card transactions is 1 January 2005, which would make the UK the first country to move to Chip & PIN systems that meet the EMV (Europay-MasterCard-Visa) standard.

• Channel:
• Security Strategy
• Tags:
• smart card,
• retailers

Is fraud being beaten by the e-tailers?

For 2006 merchants are also considering further measures, with 29 per cent of respondents saying the Verified by Visa and MasterCard SecureCode systems - both of which create single-use passwords/PIN numbers for transactions - are top of their...

• Channel:
• WebWatch
• Tags:
• ecommerce,
• fraud,
• online shopping

Banking on honesty: where does the e-buck stop?

It isn't hard to see them passing on any penalties handed down by Visa, or MasterCard, or JCB, or whoever decides on this course of action. Visa has revealed to silicon.com plans to hold acquiring banks - those financial institutions that enable...

• Channel:
• Comment & Analysis

MasterCard getting tougher on fraud

MasterCard is in the early stages of piloting a series of site data protection standards for merchants with one of Australia's large banks, with the project expected to be extended to other banks in Australia by the second quarter of 2003.

• Channel:
• Security Strategy