An Architect's View

CFML, Clojure, Software Design, Frameworks and more...

cf.Objective() 2008 Session Focus - Payment Card Industry Data Security Standard (PCI-DSS)

April 6, 2008 · 2 Comments

John Mason - Payment Card Industry Data Security Standard (PCI-DSS)

Whilst a presentation about an e-commerce security standard might sound very dull, the reality is that this is probably one of the most important topics on the cf.Objective() schedule. "Any company processes, stores or transmits credit card numbers is required to be PCI DSS compliant." John Mason explains the scope of PCI DSS, where you fall within its levels and what is required of you - and how expensive non-compliance can be! He covers each of the major areas of PCI DSS such as network security, encryption, vulnerability management, access controls, monitoring / testing and policy issues. Some of the requirements are "duh!" obvious but some were quite surprising to me (and some are surprisingly burdensome). Along the way he provides examples of specific things you need to deal with in your CFML code. Even if you don't do e-commerce, there are a lot of useful security tips in this presentation - or at least potential security problems that you may not have considered yet.

Tags: cfobjective · coldfusion

2 responses so far ↓

  • 1 Henry // Apr 18, 2008 at 12:31 AM

    It'd be great if such a presentation is recorded and made available to all CF-ers online.
  • 2 Sean Corfield // Apr 18, 2008 at 7:52 AM

    @Henry, we're still evaluating the logistics and cost of recording sessions at cf.Objective() and whether such recording would be available only to attendees or to a broader audience. You should lobby your local user group to have John present via Adobe Connect for you!
