[GRLUG] PCI v1.2 Compliance.

John-Thomas Richards jtr at jrichards.org
Thu Dec 11 17:09:50 EST 2008


On Thu, Dec 11, 2008 at 12:19:59PM -0500, Greg Folkert wrote:
> On Wed, 2008-12-10 at 18:29 -0500, Greg Folkert wrote:
> > be wrned, my reply is long and could have been orders of magnitude
> > longer.
> > 
> > On Wed, 2008-12-10 at 16:05 -0500, Adam Tauno Williams wrote:
> > > On Wed, 2008-12-10 at 15:21 -0500, Greg Folkert wrote:
> > > > All I can say it *IT SUCKS*.
> > > 
> > > Actually I think PCI is a pretty good standard.  I think 98% of the
> > > recommendations are solid/good practices.   And it makes a nice club to
> > > beat good security practices into an organization.
> > 
> [snip lotsa stuff]
> 
> Any comments from anyone? Or insight? Or contrarian thoughts? Or flames?
> 
> I'd have really thought many people would feel this... or at least have
> more comments than from the regular peanut gallery.

I'd love to offer an opinion or 27, but having never been in any sort of
IT role (beyond having the responsibility for maintaining--i.e., backing
up--an Informix database), I'm in way over my head on this issue.

I will say this: this list has some incredibly knowledgable and
intelligent folk.  Wow.
-- 
john-thomas
------
Intellectuals solve problems: geniuses prevent them.
Albert Einstein, physicist, Nobel laureate (1879-1955)


More information about the grlug mailing list