Security Basics mailing list archives

Re: Is PCI Compliance Mandatory


From: cstubbs () gmail com
Date: 13 Jan 2008 23:43:58 -0000


Short answer is yes, a longer answer is almost definitely.

http://www.pcistandard.com/

"Who is required to meet the PCI security standard?

All entities that accept credit or debit card payment, collect, process or store credit card transaction information, 
regardless of their transaction volume, were required to meet the PCI standard by June 30, 2005. Failure to comply with 
the PCI security standard may result in substantial fines or permanent expulsion from card acceptance programs."

I work with the standard every day, most of what's in there is common sense good practice for any organisation that 
stores or processes card information or other sensitive data.

