1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Retailers must upgrade authentication, encryption and pen testing

Discussion in 'CSO' started by RSS, May 6, 2016.

  1. RSS

    RSS New Member Member

    The PCI Security Standards Council now requires better authentication, encryption and penetration testing by companies that accept consumer payments, improvements lauded by security experts.

    "There are a lot of people who consider compliance to be policy for policy sake," said Ryan O’Leary, vice president of the threat research center at WhiteHat Security. "But with these three recommendations, it is really security-industry standards that are finally being forced upon companies. I would say, absolutely, it will move the bar forward as far as security goes."

    Administrators with access to card data must now have two-factor authentication when they log in, either locally or remotely.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page