May 21 2008

How are you meeting PCI Requirement 6.6?

Published by at 8:27 am under PCI

The deadline for meeting requirement 6.6 of the PCI-DSS is quickly coming up, June 30th as a matter of fact. So how is your business meeting with this requirement? Do me a favor and take this quick poll to let me know what you’re up to; it’s as completely anonymous as anything on the Internet can be, but I’m curious how people and companies are taking this requirement. Something to remember, whether you’re a Level 1 merchant or a Level 4 ‘mom and pop’ store, you’re still responsible for meeting this requirement.

For more information on meeting PCI 6.6, read the PCI Security Council guidance here.

Edit:  I’m just having a bad day and the poll doesn’t seem to be working.  I’ll try again when I have the time to deal with it.  Please leave a comment instead of taking the poll.

[Slashdot] [Digg] [Reddit] [] [Facebook] [Technorati] [Google] [StumbleUpon]

2 responses so far

2 Responses to “How are you meeting PCI Requirement 6.6?”

  1. Ericon 21 May 2008 at 8:35 am

    We’ve been using NetScaler/Teros for a while now. It’s a beast of a box and a swiss army knife for most PCI requirements.

  2. Bon 29 May 2008 at 6:02 am

    Technically the ‘deadline’ for compliance is set by the ASV and is not the same as this June 30th date. This date is to say that if you are submitting a questionnaire for compliance after June 30th, you either have to have code scanning/review built into your SDLC, or need to have an application firewall in place.

%d bloggers like this: