Payment Card Industry's Data Security Standard Archives - IT Jungle

Time To Get Your 2FA On, IBM i Admins

April 3, 2017 Alex Woodie

System administrators working in regulated industries will soon be required to sign-in to servers using two-factor authentication (2FA), according to the latest PCI requirement. The industry regulation will impact administrators working with all types of computer systems, and will likely be enforced in late 2017 or early 2018, security experts say.

In prior versions of the Payment Cardholder Industry Data Security Standard (PCI DSS), only remote administrators were required to use 2FA, which bolsters the security of the sign-on process by requiring users to show “something you know,” like a password, as well as “something you have,” like a hardware …
Read more
Don’t Look Now, But PCI Just Changed Again

March 8, 2017 Alex Woodie

Heads up, IBM i shops: Companies that process any volume of credit card transactions now must send self-assessments to their acquiring banks under the jurisdiction of the Payment Card Industry’s Data Security Standard (PCI DSS). This is a pretty significant change, as previously only merchants processing large volumes were subject to strict PCI DSS requirements.

On January 31, a new PCI provision went into effect that requires Level 4 merchants to submit a Self-Assessment Questionnaire (SAQ) to their issuing banks. Previously, Level 4 merchants, which are defined as processing 20,000 or fewer ecommerce transactions or 1 million total transactions, were …
Read more