dcsimg

How Ireland’s Credit Unions can meet their penetration testing requirements

Credit unions in Ireland are required to conduct a penetration test once a year, and send the results to the Central Bank of Ireland for review.  According to a report published by the Bank last year, credit unions are getting better at doing this. But for those that are still unsure how to complete this process or simply want to get better at it, this blog explains everything you need to know … [Read more...]

What do SMEs need to do to comply with the PCI DSS?

Organisations that accept card payments are responsible for the security of customers’ payment information and must comply with the PCI DSS (Payment Card Industry Data Security Standard). The PCI DSS is a set of tools and measures to help you protect payment card data. It applies to all organisations that transmit, process or store such information, but SMEs (small and medium-sized organisations) … [Read more...]

How IT Governance can help with your cyber security concerns

Cyber security is a complex topic, so we wouldn’t be surprised if you had questions about what your organisation should be doing. The threat of data breaches grows each year, organisations process more information than ever and the regulatory landscape is becoming a minefield to navigate.  Fortunately, IT Governance’s team of experts has the answers, and our extensive range of … [Read more...]

The top cyber security trends of 2018 so far

There have been more than 600 data breaches this year, so people who want to pick out the most serious incidents have plenty to choose from. It’s not simply a case of finding the breaches involving the highest number of stolen records, because a breach compromising names and email addresses isn’t the same as a breach compromising payment card information. Besides, infrastructural damage and … [Read more...]

How to achieve and maintain PCI DSS compliance

All organisations that accept card payments must comply with the PCI DSS (Payment Card Industry Data Security Standard). This is not a simple task, and if you make mistakes when implementing the Standard, you’ll struggle to achieve compliance and expose yourself to data breaches and regulatory fines. We understand that PCI DSS compliance is difficult, so we’ve laid out some recommendations based … [Read more...]

Understanding PCI compliance auditing

Businesses of all sizes must undergo Payment Card Industry Data Security Standard (PCI DSS) compliance audits to ensure that their customers’ data is protected during credit or debit card transactions and while stored. Under the Standard, Level 1 businesses – those that process more than six million credit card transactions a year – are subject to an annual on-site audit and quarterly network … [Read more...]

Policies and procedures, you need for PCI DSS compliance

Technology can only do so much to protect an organisation from data breaches. That’s why Requirement 12 of the Payment Card Industry Data Security Standard (PCI DSS) states that organisations should actively manage their data protection responsibilities by establishing, updating and communicating security policies and procedures in response to regular risk assessments. As with technology, security … [Read more...]

How SMEs can comply with the PCI DSS

Organisations that accept card payments are responsible for the security of customer’s payment information and must comply with the Payment Card Industry Data Security Standard (PCI DSS).  The PCI DSS is a set of tools and measures to help you protect payment card data. it applies to all organisations that transmit, process or store such information, but small and medium sized enterprises (SMEs) … [Read more...]

Having trouble complying with the PCI DSS? Here are some tips

Keeping cardholder data secure can be incredibly difficult, but have you tried… not storing so much information? You’d be surprised at how effective that apparently flippant advice is. Organisations often store more information than they need, making security trickier than it should be. Take primary account numbers (PANS). This information is needed far less other than cardholders’ names and card … [Read more...]

PCI DSS dissected: Reducing your cardholder data environment

The requirements of the Payment Card Industry Data Security Standard (PCI DSS) should be considered the starting point of security. The Standard doesn’t cover everything that organisations can do to protect payment card data, but it does cover everything that they should do, such as put in place the appropriate procedures, policies and work practices. Still, many organisations don’t see the PCI … [Read more...]