Page 8 - GS200102
P. 8
ReadersSpeak
• Blog post: "How Do Merchant
Levels Determine Compli-
ance?" www.securitymetrics.com/
blog/how-do-merchant-levels-de-
termine-pci-compliance
2020 PCI checkup • Case Study: "How a PCI Audit
Became Positive and Educa-
new year typically means taking stock in many areas of business, tional," https://info.securitymet-
and one essential area for payment pros is data security. Meagan rics.com/case-study-groupize
Elguera, Corporate Communications Manager at SecurityMetrics,
A sent in a note to remind us that regular PCI audits can be highly • Video: "PCI Assessment FAQs,"
beneficial in this regard. To that end, Security Metrics offers a PCI Audit Starter https://securitymetrics.wistia.
Kit with helpful resources. It includes a combination of webinars, white papers, com/medias/p127hsjvwg
blog posts, video and case studies. Here's a sampling:
• Blog post: "IT checklist for PCI
• Webinar and white paper: "How to Prepare for a PCI Audit," www.secu- compliance," www.securitymet-
ritymetrics.com/learn/how-to-prepare-for-a-pci-audit-webinar (webinar) and rics.com/blog/it-checklists-pci-
www.securitymetrics.com/learn/how-to-prepare-for-a-pci-dss-audit (white pa- compliance
per)
The company also offers penetration
• Blog post: "Make Your PCI Auditor Happy Following These Tips," www. testing. "The most accurate way to
securitymetrics.com/blog/make-your-auditor-happy-follow-pci-audit-checklist know your organizational weakness-
es is to examine your business envi-
• Blog post: "How to Prepare for a PCI Audit," www.securitymetrics.com/ ronment the way a hacker would—
blog/how-prepare-pci-dss-audit through manual penetration testing,
also called ethical hacking," Elguera
wrote. "Our penetration testers use
the most up-to-date hacking meth-
odologies to identify vulnerabilities,
minimize risk, and protect your or-
ganization against the most current
hacking trends."
The PCI Security Standards Coun-
cil also offers a wealth of resources
to help payment professionals reach
and maintain PCI compliance. Recent
blog articles, for example, include
"Online Skimming and Payment Se-
curity," "Women in Payments: Q&A
with Stacy Hughes," "Increasing In-
dustry Participation and Knowledge,"
"P2PE v3: What Merchants Need to
Know." Read these posts and more at
https://blog.pcisecuritystandards.org.
How are your security practices?
Have you done a PCI audit? If so, how
effective was it? What other measures
are you taking to help your mer-
chants maintain PCI compliance this
year? Let us know about this and oth-
er issues of concern to the payments
community at greensheet@greensheet.
com. And remember to send news of
your company and professional mile-
stones to press@greensheet.com.
8
