Nominate your company for the PCI SSC Board of Advisors
Card Vendors: Updated Payment Card Production and Provisioning Security Standard
We want your expertise on cloud
Using a QIR can reduce merchants’ risk
Last week to enroll in Miami ISA class
As always, if you have questions, concerns, or suggestions on how to improve this weekly communication for POs, please email us at: pcimonitor@pcissc.org.
PCI NEWS & PROGRAM UPDATES
Nominate Your Company for the PCI SSC Board of Advisors The Board of Advisors represents the Council’s Participating Organizations worldwide to ensure global industry involvement in the development of PCI Security Standards. As strategic partners, they bring market, geographical and technical insight to PCI Council plans and projects. Click here to view the current board.
The 2017-2019 Board of Advisors will be seated this year through a nomination and election process. The nomination period is 23 January to 27 February. All Participating Organizations in good standing are eligible to self-nominate.
Please consider nominating your company for a seat on the 2017-2019 Board of Advisors.
Card Vendors: Updated Payment Card Production and Provisioning Security Standard The Council is updating the PCI card production standard and expanding requirements to include protections for mobile payments provisioning. PCI Card Production and Provisioning Security Requirements version 2.0, including a summary of changes, will be available on the PCI Council website later this week.
PCI Card Production and Provisioning Security Requirements version 2.0 ensures the strongest protections for customer payment information during card production and provisioning. Card production includes card manufacturing; magnetic-stripe card encoding and embossing; card personalization; chip initializing, embedding, and personalization; card storing; shipping and mailing. Provisioning is the process of adding cardholder account information to a device via an over-the-air or over-the-internet communication channel.
Vendors should work with the individual card brands to confirm timing of when future security reviews must be performed against PCI Card Production and Provisioning Security Requirements version 2.0.
PARTICIPATION OPPORTUNITIES
We Want Your Expertise on Cloud Involvement in Special Interest Groups (SIGs) is a great way to provide your expertise to the Council and develop practical payment security resources for the industry.
Consider contributing your experience, insights and questions to the 2017 Special Interest Group on cloud. Specifically, the initiative will focus on updating the PCI DSS Cloud Computing Guidelines.
Using a QIR Can Reduce Merchants’ Risk You’ve read it in the news, but it’s worth repeating… merchant point-of-sale (POS) systems are under attack. Cybercriminals take advantage of improper network configuration, inadequate remote access security, and use of easily-guessed or default passwords.
Merchants want to know that their system has been configured and installed correctly, and integrators and resellers need proper training in order to actually perform a secure installation. The affordable QIR eLearning course is available 24/7, for less than $300* per technician.
*$295 is the Participating Organization (PO) rate; non-PO rate is higher.
Last Week to Enroll in Miami ISA Class Soak up some sun and some PCI knowledge, too. Enroll in the first Internal Security Assessor (ISA) training class of 2017. It’s being held in Miami, Florida on 23-24 January. But hurry - applications must be in by this Friday!
Take two days to learn how to improve security and conduct assessments for your organization’s payment data. Start 2017 off more securely.
