|
|
 |
| Posted: |
06 Dec 2006 |
| Published: |
01 Dec 2006 |
| Format: |
HTML
|
| Length: |
8
Page(s) |
| Type: |
Journal Article |
| Language: |
English |
|
ABSTRACT:
Roger Nebel has seen plenty of payment card industry security violations in his day, but one retail client's transgressions were the worst. The trouble started with the retailer's checkout counter machines, where customers swipe their credit cards, recalls Nebel, director of strategic security for Washington D.C.-based FTI Consulting. The client used two versions of the point-of-sale system in various locations--an older version that didn't encrypt cardholder data, and a newer version that did. Then, the retailer's POS device vendor used a well-known Web-based program to remotely manage several systems with a common user ID and password. Meanwhile, the client failed to log activity on the systems, there was no security monitoring in general, and several sites lacked adequate antivirus software.
|
 |
AUTHOR:
Bill Brenner
|
|
|
|
BROWSE RELATED RESOURCES:
Compliance Audits | Compliance Best Practices | Credit Cards | Data Encryption | Payment Card Industry | Payment Card Industry Data Security Standard | Payment Card Industry Data Security Standard Compliance | Retail Trade Industry |
|
View All Resources
sponsored by Information Security Magazine |
 |
|
|
|
Cramsession Research Library Copyright © 1998-2008 Bitpipe, Inc. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. TechTarget · 117 Kendrick St · Needham, MA · 02494
Use of this web site constitutes acceptance of the Bitpipe Terms and Conditions and Privacy Policy. cramsession@bitpipe.com
|
