Understanding PCI DSS compliance requirements

Payment Card Industry Security Standards Council (PCI SSC) has prescribed PCI Data Security Standards  (PCI DSS) for keeping payment cardholder data secure.  PCI DSS applies to any business that stores, processes, or transmits cardholder data. In practice, this means PCI applies to all merchants that accept card payments, as well as to the member financial institutions and service providers that process the associated transactions. Matrix of the compliance requirements prescribed by PCI SSC is given in the table below. Before studying the table, it would be helpful to understand the terms cardholder data, merchant, service provider, acquirer, application scanning vendor and qualified security assessor. Continue reading “Understanding PCI DSS compliance requirements”

Qadit in Sri Lanka

Qadit has expanded its operations to Sri Lanka under the banner ‘Qadit Information Security Solutions Lanka (P) Ltd’. The office is located in Grandpass Road in Colombo. Qadit, which has been providing world-class end-to-end information security solutions to clients since 2001 from India, will be providing its full range of services of including information security audits, information security consulting, SAP audits and business process reviews to Sri Lankan organisations from its Colombo office. Qadit Information Security Solutions Lanka (P) Ltd. is also a member of the SLASSCOM (Sri Lanka Association of Software and Service Companies).

Automatic offsite backup techniques

As part of the business continuity or disaster recovery, it is imperative for every organization to maintain a copy of its electronic data at an offsite location. Offsite backups can be maintained manually or through automatic means. When maintained manually, the backups are taken physically on media like tapes, magnetic discs etc at the onsite location and then transported to the offsite storage location. In an automatic offsite backup, there is no manual intervention involved and therefore is less error prone and can be done at more frequent intervals. Couple of automatic offsite backup solutions are listed below. Continue reading “Automatic offsite backup techniques”

A Data Center View

When an enterprise is small in size the IT infrastructure consists of a server room with couple of low end servers, some networking devices and client PCs. But as the organization grows the IT infrastructure too grows in size. Medium to large scale enterprises have data centers of their own or outsource the data center (DC) operations to service providers who specialize in DC operations. In this article, let us have a peek into a typical data center and look at what components are deployed.

 

Continue reading “A Data Center View”