[Dataloss] OT? PCI Education Steak & Shake

Kehoe, Matt Matt.Kehoe at sephora.com
Tue May 8 19:51:45 UTC 2007


Having just gone through this, the biggest gotcha is that tier 1
retailers need a "3rd party assessment" which means you can't just
execute compliance from within....

PCI standards still leave much to be desired, but it's a good step
forward for retailing in general... 

-----Original Message-----
From: dataloss-bounces at attrition.org
[mailto:dataloss-bounces at attrition.org] On Behalf Of Al Mac
Sent: Tuesday, May 08, 2007 8:48 AM
To: Data Loss Incidents
Subject: [Dataloss] OT? PCI Education Steak & Shake

OT because we have no info on any cyber security incident, but of
interest is what is considered to be state of the art when it comes to
preventing certain kinds of incidents.

Steak & Shake restaurant chain has had to beef up its computer security
because a rapid increase in their credit card transaction volume has
taken them to more stringent tiers of PCI standards.  The article shows
us what hoops the chain had to jump through to meet the standards.

What we do not see here is a perspective on security rules enforcement
to avoid more incidents like TJX.  There are also some statements in the
article that I would take issue with.  They imply stronger security than
my understanding of reality.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=291415&source=rss_topic17


_______________________________________________
Dataloss Mailing List (dataloss at attrition.org)
http://attrition.org/dataloss Tracking more than 207 million compromised
records in 649 incidents over 7 years.

