Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: PCI Compliance Policies
From: Roger Safian <r-safian () NORTHWESTERN EDU>
Date: Thu, 19 Jul 2007 12:56:31 -0500

At 12:30 PM 7/19/2007, Theresa M Rowe put fingers to keyboard and wrote:
The date doesn't appear on the PCI site, but our bank and other orgs are giving 
this date -
For example 
http://www.gfi.com/security/pci.htm
Furthermore, PCI DSS compliance needs to be achieved by September, 2007 ­ this 
is the deadline posed by credit card companiees. Organizations that fail to 
comply face fines of up to $500,000 if the data is lost or stolen and risk not 
being allowed to handle cardholder data. 

Are you a new level 2 merchant?  See 
<http://usa.visa.com/merchants/risk_management/cisp_merchants.html?it=c|/merchants/risk_management/cisp_overview.html|Merchants>
.

AFAIK, the credit card companies have already assessed fines.


-- 
Roger A. Safian 
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]