Author: Pete

PCI DSS v4 now mandatory

The previous version of PCI DSS v3.2.1 is now fully retired. As previously announced, PCI DSS v3.2.1 was retired on 31 March 2024. Despite rumors, there has been no extension of the old v3.2.1 standard. Anyone undergoing a PCI DSS audit today will need to comply and be assessed against the v4 standard instead. Most…

Read the full article

Where can I download a PCI DSS ROC template? [PCI v4 Update]

The PCI Security Standards Council makes copies of the various Report of Compliance (ROC) reporting template available to download as a PDF in their Document Library. The direct link to download the version 4 ROC reporting template is: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Reporting%20Template%20or%20Form/PCI-DSS-v4-0-ROC-Template-r1.pdf If you would prefer a copy of the template in Word format, ask your QSA. They…

Read the full article

How to do PCI DSS in the Cloud

Cloud computing poses some unique challenges for building and maintaining secure systems. Whenever somebody says they’re using “the cloud”, what they’re really saying is that they’re using “someone else’s computer”. When you remember that the cloud is really just someone else’s computer, it drives home how difficult security can be. In this new model, nobody…

Read the full article