PCI DSS Section 6: Tackling Application Security

From Search Security:

Among the Payment Card Industry (PCI) Data Security Standard’s 12 requirements is a mandate for Web and application security. Requirement six specifically calls for merchants and credit card issuers to “develop and maintain secure systems and applications.”

While many parts of the standard have caused headaches for companies using credit cards in their business, Section 6 is especially painful. Like other PCI DSS requirements, some of it is common sense and easy to implement, and the rest is ambiguous and confusing to understand, not to mention difficult and costly to implement.

What makes it more painful is that unlike the rest of the standard, the last part, Section 6.6, is only recommended as a “best practice.” It becomes a requirement June 30, 2008, and if companies want to be compliant by that date, they have to begin their work now.

For the full article read on.

Article Link
