
PCI DSS 3.0: The Impact on Your Security Operations

Last month, the PCI Security Standards Council (PCI SSC) released its proposed changes for the Payment Card Industry Data Security Standard (PCI DSS) version 3.0. For security professionals it means that PCI compliance will become more of an everyday business practice, rather than an annual checklist obligation.

Looking ahead, here’s what you can expect from 3.0’s impact on your operations – and the steps you’ll need to take to stay compliant.

Vulnerability management

When it comes to managing system vulnerabilities, Requirement 11 mandates a methodology for penetration testing, including verification that segmentation methods are operational and effective. The reasoning here is that segmentation creates a smaller scope for cardholder data, which shrinks the organization’s attack surface and creates fewer points of entry for attackers. The best way to get there: conducting your own assessments to augment third-party assessments and using those results to reduce the scope of your cardholder data environments.

POS Terminals

When it comes to point-of-sale (POS) terminals, you might not dwell too much on the possibility of physical compromise. Yet many are accessible to the random public and all too often have exposed connections like a keyboard or USB port. All an attacker needs is a simple hardware keylogger or an auto-run USB and boom, they’re in. This is one reason skimming and other attacks are on the rise, and the main reason POS terminals and other payment-related devices must be secured from tampering or substitution. Another mandatory step: careful inventory management, as well as checking device serial numbers and stickers to verify that no one’s tampered with them. These practices might seem tedious, but they’ll go a long way to stopping any physical attacks before they escalate into serious disasters.
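An added example (not part of the original article) of the inventory check described above: it reconciles a walk-through inspection against the deployed-device inventory and flags serial mismatches, damaged stickers, unknown devices and devices nobody inspected. The record fields, finding names and sample data are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class InventoryRecord:
    terminal_id: str  # merchant-assigned asset tag (hypothetical naming scheme)
    serial: str       # serial number recorded when the device was deployed


@dataclass(frozen=True)
class Inspection:
    terminal_id: str
    observed_serial: str  # serial read off the device during the walk-through
    sticker_intact: bool  # tamper-evident sticker present and unbroken


def reconcile(inventory, inspections):
    """Return sorted (terminal_id, finding) pairs that need follow-up."""
    expected = {rec.terminal_id: rec for rec in inventory}
    seen, findings = set(), []
    for obs in inspections:
        rec = expected.get(obs.terminal_id)
        if rec is None:
            findings.append((obs.terminal_id, "UNKNOWN_DEVICE"))  # not in inventory
            continue
        seen.add(obs.terminal_id)
        # Normalise case and whitespace so transcription quirks are not alarms.
        if obs.observed_serial.strip().upper() != rec.serial.strip().upper():
            findings.append((obs.terminal_id, "SERIAL_MISMATCH"))  # substitution?
        if not obs.sticker_intact:
            findings.append((obs.terminal_id, "STICKER_DAMAGED"))  # tampering?
    # Inventoried devices nobody inspected may be missing or removed.
    findings += [(tid, "NOT_INSPECTED") for tid in expected.keys() - seen]
    return sorted(findings)


INVENTORY = [  # constructed sample data
    InventoryRecord("POS-001", "SN48A1170"),
    InventoryRecord("POS-002", "SN48A1171"),
    InventoryRecord("POS-003", "SN48A1172"),
]
INSPECTIONS = [  # constructed sample data
    Inspection("POS-001", " sn48a1170", True),
    Inspection("POS-002", "SN77Z0009", False),
    Inspection("POS-009", "SN48A1199", True),
]

if __name__ == "__main__":
    print(*reconcile(INVENTORY, INSPECTIONS), sep="\n")
```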

Strengthening Password Policies, Tokens and Certificates

Password protection is a major focus of 3.0. While the recommendations aren’t terribly new, they may still be fresh ground for some businesses. To start with, you’ll need to strengthen default passwords for application and service accounts, as well as user accounts. When it comes to user-created passwords, users must protect their credentials and change passwords upon suspicion of compromise. Again, most businesses should already be doing this.

While the minimum criteria of alphanumeric seven-character passwords is still promoted, alternatives like longer passphrases are now permitted. This means you might consider requiring a relatively long passphrase with uppercase characters, lowercase characters, numbers and special characters. These can be especially secure and even easier to remember than traditional gibberish passwords.

Similarly, security must be tightened for physical security tokens, smart cards and certificates. If you’re not already conducting daily log reviews, now is the time to start. Also make sure that all authentication mechanisms are linked to individual accounts and then protect access to those accounts.

Defining in-scope Systems

In another move toward improved clarity, you’ll need a network diagram showing all connections to cardholder data, as well as an up-to-date diagram that details how cardholder data flows through your systems. 3.0 places more emphasis on defining the in-scope environment on a regular basis, and also emphasizes the application and data layers over the network and infrastructure layers. Ultimately these definitions benefit both auditors and the audited, by illuminating potential weaknesses in a comprehensive risk assessment.

Evolving Malware Threats

Because malware is still a major threat hovering over cloud environments, merchants must now include malware controls even on systems not commonly affected by malware. That includes systems like Linux, which you might (incorrectly) assume was safe. Malware can destroy files, servers and end users, which means that every aspect must be protected with anti-malware technology. Set up an alert system that detects the first sign of digital cancer and you’ll go a long way toward containing the damage and mitigating data loss.

Security and Compliance Responsibility

If your organization isn’t exactly clear on which PCI DSS requirements your group manages and which ones your providers handle, things are about to change. You’ll need to hammer out every detail of who’s responsible for what – and that can be a tall order with the explosion and diversity of SaaS, PaaS, and MSSP offerings.

All of these changes might seem like a lot to undertake, but it’s important to remember what’s at stake. Getting compliant isn’t just about passing inspection; it’s about dealing as effectively as possible with the threats targeting applications every day, from XSS attacks to SQL injections.

Security teams have the next 12 months to tackle these operational changes, and whether you have considerable adjustments to make or very few, it’s a good opportunity for your security staff to analyze your programs, tighten up your processes and strengthen your provider relationship. Include compliance in your daily tasks and you’ll have less work to do in crunch time – and your critical business applications will be that much safer.

By Chris Hinkley
