PCI Task Calendar
PCI compliance is comprised of over 200 individual requirements. Many of the requirements in the PCI DSS must be maintained throughout the year and conducted on a recurring basis. To help your organization stay on top of PCI compliance and be prepared for the next PCI assessment, we have put together a list of key requirements and recurring tasks.
Vulnerability Scanning from AWS
At Aeris Secure, we really enjoy Amazon's infrastructure, AWS. Like most organizations, we went from having a sense of pride in our nice physical servers to eventually resenting the trips to the collocation that cloud providers make unnecessary. We enjoy all of the services that one can access with the flip of a switch, most of which require little configuration and monitoring overhead to keep running.
PCI Policy Documentation
Without fail, the first time an organization goes through the PCI gap assessment, remediation, and assessment cycle, they always underestimate the amount of specificity required by the PCI DSS. Smaller companies will spend a significant amount of time drafting and adopting new policies within their organization, while larger companies will spend their time trying to find which existing policies satisfy which requirements, making adjustments as necessary.