What is Data Residency? Why is it necessary?

,
Over the last decade, our society has seen an increase in online organizations selling goods and services to consumers around the globe. Shopping online has become the new normal especially now with everyone working from home and being advised to remain at home with their families to prevent the spread of COVID-19....

How to ensure the security of Customer’s Cardholder Data with a newly setup e-commerce business?

,
COVID-19 has forced a lot of businesses big or small to rethink about the ways they interact with their customers. The brick and mortar retailers who had limited or no online presence are the most affected by this pandemic since they can no longer support....

How to maintain PCI compliance when your call centre agents are working from home

,
COVID-19 has rapidly changed a lot of things around the world. Nobody could have fathomed or prepared to deal with a pandemic of this size. Working from home has become the new normal for a lot of individuals and organizations which has come....

PCI Council publishes security requirements for PIN Entry Standard

,
PCI Security Standards Council publishes security requirements for software-based PIN entry on commercial off-the-shelf devices (COTS), such as smartphones and tablets. The PCI Software-Based PIN Entry on COTS (SPoC) Standard provides requirements…

PCI SSC releases new payment security tool for small businesses

,
Payment Card Industry Security Standards Council (PCI SSC) has introduced a new payment security tool for small businesses. The payment security tool will protect the card data of PCI SSC customers. Moreover, the PCI Data Security Essential…

5 updates from PCI SSC you need to know

,
The PCI P2PE standard has for sometime governed security requirements for technologies and services that organizations use for end-to-end encryption of cardholder data. The goal is to ensure that no sensitive cardholder data passes in unencrypted…

PCI issues new standards for contactless payments

,
The PCI Security Standards Council published a new data security standard that will let merchants accept contactless payments using commercial off-the-shelf mobile devices, like smartphones and tablets that utilize near field communications.…

Network Segmentation

,
Earlier this month the PCI SSC released a memo referring to their network segmentation guidelines, while network segmentation is not part of PCI scope, it seems that most breaches happen from systems that were deemed not in scope, and companies…

HostedPCI is Now on the AppExchange

,
HostedPCI is now on the AppExchange, making it easier for companies that use Salesforce for their CRM can reduce their PCI scope without compromising customer experience. HostedPCI offer 2 main services within the Salesforce APP, our iFrame…

Why Change the TLS Migration Date?

,
It has been known for a while that SSL/TLS had vulnerabilities, however when POODLE first became known the PCI SSC jumped quickly to release the PCI DSS version 3.1, which stated that organizations had to migrate to TLS 1.1 or higher and…