I think only a masochist would pay to do that, unless someone made you.
-----Original Message-----
From: Scott Vander Dussen
Sent: Wednesday, October 28, 2015 6:35 PM
To: af@afmug.com
Subject: [AFMUG] PCI Compliance- who has it?
Just saw Ken's post about PCI compliance and didn't want to hijack that
thread. PCI compliance when it first came out was mandated by the credit
card processor, about $20/mo and included some quarterly scans for
vulnerabilities or exploits. We've switched processors a few times and
realized that no one has asked us about PCI compliance for years. Looked
into purchasing PCI auditing from McAfee and it's $1k a year, and involves
an extremely intensive questionnaire of the company plus serious internal
documentation of policy etc. Basically, PCI compliance got a lot more legit
and expensive. Just wondering what everyone else is doing? Grandfathered
the old low-tech quarterly scan, nothing at all, or are you on board with
this newer intense PCI compliance?
Thanks,
`S
