treasuryinstitutepcidss.blogspot.com
PCI DSS News and Information for Higher Education: March 2014
http://treasuryinstitutepcidss.blogspot.com/2014_03_01_archive.html
Monday, March 10, 2014. I have been thinking about one of the new SAQs, SAQ B-IP. Merchants with Standalone, IP-Connected PTS Point-of-Interaction (POI) Terminals – No Electronic Cardholder Data Storage. And wondering about how and where it might fit in to my card processing environment or the environments of other Higher Education operations I know of. I had made a brief survey of it to write an introductory post, First Look at the New SAQs: Evolution. In the PCI SSC documents library. The Council recog...
treasuryinstitutepcidss.blogspot.com
PCI DSS News and Information for Higher Education: January 2015
http://treasuryinstitutepcidss.blogspot.com/2015_01_01_archive.html
Friday, January 23, 2015. Call for Presentations at Our 2015 PCI Workshop. A few of us have been working since late summer to develop a program for the 2015 PCI Workshop. But coming up with those ideas is the easy part; we still need to find people who are interested in presenting at the workshop. Third party/service provider management/oversight. Requirement 9.9 and developing programs to manage/track point of interaction (POI) devices and train employees. Scoping: What's in, what's out, and why. If you...
treasuryinstitutepcidss.blogspot.com
PCI DSS News and Information for Higher Education: July 2014
http://treasuryinstitutepcidss.blogspot.com/2014_07_01_archive.html
Thursday, July 10, 2014. A Few Thoughts on Liability. This is a guest post from Joe Tinucci, Assistant Treasurer of the University of Colorado. - gaw]. It is probably a good idea to take a few minutes to review your contract to confirm this issue. If you read it carefully, you will probably not find much, if any, discussion of third party service providers - everything is framed in terms of. Responsibilities to submit valid transactions, of proper amounts, for legal goods and services, in accordance with...
treasuryinstitutepcidss.blogspot.com
PCI DSS News and Information for Higher Education: February 2015
http://treasuryinstitutepcidss.blogspot.com/2015_02_01_archive.html
Monday, February 16, 2015. SSL is No Longer Strong Cryptography. On Friday the Payment Card Industry Security Standards Council (PCI SSC) released their official statement. Regarding the acceptability of Secure Sockets Layer (SSL) version 3 for protecting payment data. Based on guidance from NIST and after months of discussions with stakeholders, no version of SSL encryption should be considered "strong cryptography" as defined by the PCI Council. PCI SSC Official Statements:. Friday, February 13, 2015.
treasuryinstitutepcidss.blogspot.com
PCI DSS News and Information for Higher Education: October 2014
http://treasuryinstitutepcidss.blogspot.com/2014_10_01_archive.html
Monday, October 20, 2014. What is a PCI Service Provider? Working with third parties can be either a joy or a constant source of frustration. Or sometimes a little of both. I frequently come into contact with departments in our university who wish to work with an outside party, but have little understanding of what is involved. One difficult term is. I tried to come up with a short list of questions and answers that help clarify the issue when we are talking about what I call. If a third party business e...
treasuryinstitutepcidss.blogspot.com
PCI DSS News and Information for Higher Education: OpenSSL to be patched Thursday 2015-03-19
http://treasuryinstitutepcidss.blogspot.com/2015/03/openssl-to-be-patched-thursday-2015-03.html
Wednesday, March 18, 2015. OpenSSL to be patched Thursday 2015-03-19. If you haven't heard the recent security news yet, be forewarned that newly-discovered flaws in the OpenSSL. Encryption library are due to be patched. Tomorrow, March 19. Some of the weaknesses have been classified with a "high" severity. The OpenSSL libraries provide encryption. And its replacement the Transport Layer Security ( TLS. Protocols. If you see a padlock and "https:/ ." in your web browser's address bar then SSL/TLS. Please...
walterconway.com
Walter Conway, PCI Resources
http://www.walterconway.com/index.html
Walter T. Conway. 1948 – 2013. We've lost a colleague and, more importantly, a dear friend. Walt was unexpectedly diagnosed with advanced pancreatic cancer. While he started treatment immediately, the cancer was aggressive and he was taken from us too quickly by this awful disease. Donations can be made to the Walter T. Conway, Jr. Fund at Episcopal Community Services, 165 Eighth Street, 3rd Floor, San Francisco, CA 94103, or online at www.ecs-sf.org. Is proud to continue Walt's hard work. Point is that,...
treasuryinstitutepcidss.blogspot.com
PCI DSS News and Information for Higher Education: February 2014
http://treasuryinstitutepcidss.blogspot.com/2014_02_01_archive.html
Thursday, February 20, 2014. PCI DSS and PA-DSS Now in Nine Languages. WAKEFIELD, Mass., 20 February, 2014. The PCI SSC website supports translated pages and PCI materials including the new PCI DSS v3.0 and PA-DSS v3.0 in the following languages: Chinese, French, German, Italian, Japanese, Portuguese, Russian and Spanish. See the full news release here:. Https:/ www.pcisecuritystandards.org/pdfs/14 02 20 PCI DSS IN 9 LANGUAGES.pdf. Posted by Gene Willacker, TIHE. Wednesday, February 19, 2014. Adjacent to...
treasuryinstitutepcidss.blogspot.com
PCI DSS News and Information for Higher Education: August 2014
http://treasuryinstitutepcidss.blogspot.com/2014_08_01_archive.html
Wednesday, August 27, 2014. Announcing: The 2015 PCI DSS Workshop. PCI DSS Workshop 2015. April 20 - 22, 2015. Green Valley Ranch Resort, Spa and Casino. Henderson, NV (Las Vegas metro area). Please note that attendance at this program is. Limited to representatives from colleges and universities only. Posted by Gene Willacker, TIHE. Tuesday, August 12, 2014. Higher Ed PCI Listserv. You may need to change your anti-spam filters to keep the messages coming without interruption. Wednesday, August 6, 2014.
