Wednesday, November 26, 2008

Fun PCI FAQ - Good Reading

Check out this cool PCI FAQ here, created by Andrew Plato. He reminds people about a few of the common "PCI misconceptions" (like, "when is the PCI deadline? - Yesterday") and key facts (like, "Do organizations using third-party processors have to be PCI-compliant? - Yes")

Finally, I also love, love, love his reminder that there are no "PCI -compliant products" (unlike some assclowns here think)

"Q: What technologies are considered PCI-compliant?

A: There is no such thing as a PCI-compliant product. The PCI standard does not certify products. Some products will help with PCI compliance, but there is no single product or group of products that will ensure complete PCI compliance.

Read it!

Dr Anton Chuvakin