Thursday, July 10, 2008

Former Hannaford CIO: Avoid Microsoft and Change PCI's Encryption Rules

Evan Schuman writes on StorefrontBacktalk:

Bill Homa, who just stepped down July 1 as the CIO for the 165-store Hannaford grocery chain, considers Microsoft's OS to be "so full of holes" and describes the fact that current PCI regs do not require end-to-end encryption as "astonishing."

But Homa's key point is that most retailers handle security backwards: Don't pour everything into protecting the front door. Assume they'll get through and have a plan to control them once they're inside.

One of the most frustrating IT security realities in retail today is the quintessential oxymoron: the more serious the CIO is about keeping data secure and the more sophisticated a defense is deployed, the more points of vulnerability emerge.

More here.


At Thu May 14, 06:31:00 PM PDT, Anonymous pci dss said...

This information is very helpful. It really helps me understand more about PCI. Keep posting. Will certainly try doing that myself. Your post/article really helped. Thanks a lot.

