Pci DSS

Fairlight fairlite at fairlite.com
Thu Sep 19 14:09:53 PDT 2013


On Wed, Sep 18, 2013 at 10:50:42AM -0400, Kenneth Brody thus spoke:
> On 9/18/2013 12:51 AM, Richard Kreiss wrote:
> [...]
> > Based on hacking reports, do you really want to trust your sensitive data
> > to an outside source.  The banks and credit card companies don't exactly
> > have a stellar reputation for protecting card holder information.
> 
> But... but... but...  They're PCI/DSS certified!  How could that happen?  :-)

I've worked with PCI certification, and can tell you that those
certifications are absolutely meaningless.  There are certified systems out
there I would never trust, and there are systems that haven't been/can't be
certified with which I'd trust just about anything.

m->
-- 
Audio panton, cogito singularis.


More information about the Filepro-list mailing list