Post Archive
Tags
2.0 3.0 Agency Assessment assessments audit Breach BYOD cloud Compliance Cyber cybersecurity Data DRG DSS e-banking encryption engineering federal FedRAMP FISMA forensics government GRC hacker hacking Health Healthcare HIMSS HIPAA HITECH IT labs legislation merchant mobile Navis News NRF P2PE PA-DSS password passwords Payments PCI penetration pentesting policy Privacy program Retail Risk RSA security security. Self-Assessment social State test Testing Virtualization web

The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique IT GRC issues that impact the industries we serve, including RetailFinancial Services, Healthcare, Higher Education, Software, Government and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.

  • P2P Encryption Program now available from PCI Council

    May 25, 2012, Mike Weber, Managing Director, Coalfire Labs

    Mike Weber

    The PCI council has updated the Point-to-Point encryption (P2PE) program requirements (PDF). The update impacts merchants, payment applications, point of sale vendors and service providers. As a participating organization of the PCI P2PE task force, providing input into the standard, I wanted to briefly explain how this affects the various PCI ecosystem participants.

    The ultimate goal of the P2PE program is to reduce the PCI DSS scope that merchants experience by shifting the burden away from merchants toward solution providers who are providing validated P2PE solutions. Deploying validated P2PE solutions will simplify PCI DSS validation for merchants while reducing the risk of cardholder data breaches. Read More

    Posted in: encryption, P2PE, PCI | 0 Comments