PCI Compliance: Are UK Businesses Ready?

August 30, 2010

The Payment Card Industry Data Security Standard (PCI DSS) will apply to organisations in the UK from September 30th 2010.

The Payment Card Industry Data Security Standard (PCI DSS) is one of the most prescriptive data protection standards ever developed. It addresses the ever-increasing threats to customer cardholder data by requiring security controls for the cardholder data environment. As a pass/fail regulation, organizations must pass each and every one of the 214 requirements to be certified as PCI compliant.

KEY FINDINGS

  • Only 12% of United Kingdom (UK) organizations processing credit and debit cardholder data are currently certified as being PCI compliant.
  • While 58% of Level 1 merchants have been audited and certified as compliant, that falls to 6%, 8% and 4% for Level 2, 3 and 4 organizations.
  • Over half (57%) of retail organizations admit to not fully understanding the requirements of the Payment Card Industry Data Security Standard (PCI DSS).
  • Brand awareness and fear of reputation damage are significant drivers for achieving PCI compliance.
  • Over three quarters (77%) of organizations have had no difficulty in securing funding and resource to ensure PCI DSS requirements are met.
  • 88% of organizations have senior management on the PCI DSS team or working group—a figure that is 100% for Level 1 organizations.

Source: http://www.tripwire.com/register/?resourceId=9860


Few keyboard shortcuts

August 30, 2010

1. Jump to the beginning of any Microsoft application by pressing Ctrl + Home.

2. Create a simple bar chart within a set of data in Excel by pressing F11 in any cell.

3. Switch from one window to the next with Alt-Tab.

4. Using F4 to repeat your last action is definitely a time saver in Microsoft Word.

5. Move to another page quickly with the F5 key, which brings up the Go To box.

6. Take advantage of the shortcut power of macros.

7. Some of my favorite keyboard shortcuts: Control + [ to decrease font size one point at a time, and Control + ] to increase font size one point at a time.

8. File away e-mails, once you’ve read them, by pressing Shift + Enter + V to pull up your Folders. Type in the first few letters of a folder name to call it up, then hit Enter.

9. Lock your keyboard with Windows Key + L, and minimize your screen with Windows Key + M.

10. Generate white space between paragraphs (12 pt. of spacing) in Word and Outlook by pressing Ctrl + Shift + 0 (zero).

Source: http://ezines.nibm.net/display.php?M=889961&C=b9c0cf7101b12049bc7ca24eaa8b32a1&S=12507&L=55&N=5499


New Direct Tax Code: Major relief for salaried class

August 26, 2010

The new provisions under the Direct Tax Code are as follows:

  • Tax for income between Rs. 2 lakh – Rs. 5 lakh: 10%
  • Tax for income between Rs. 5 lakh – Rs. 10 lakh: 20%
  • Tax for income over Rs. 10 lakh: 30%

Corporate tax has been kept at 30%.

The limit for exemptions for salaried people is Rs. 2 lakh, while that for senior citizens is Rs. 2.5 lakh.

The new Code comes into effect from April, 2011.

Source: http://www.ndtv.com/article/business/new-direct-tax-code-major-relief-for-salaried-class-47396

BlackBerry services? What does India’s government want?

August 23, 2010

While India’s 800,000 BlackBerry users struggle to figure out what the government wants and what BlackBerry’s Canadian developer, Research in Motion (RIM), has built into these devices, here are some answers:

What are BlackBerry services? Which aren’t?

Mobile push-email and messenger. RIM delivers these two services through mobile operators, such as Airtel and Reliance Communications.

All other services you use on your BlackBerry handset, such as SMS, internet access or phone calls, are directly from the mobile operator, and are not BlackBerry services.

Push email is so called because mail is pushed out to your handset as soon as it is received, without your needing to download email periodically.

What does India’s government want?

To intercept email and instant messages sent via BlackBerry, just as it can tap a phone. When it suspects someone of perpetrating a crime, it wants to be able to read, armed with a specific written order, any encrypted email sent on BlackBerry.

The government can order interception of messages under Section 5 of the Indian Telegraph Act, 1885, only with a written order, granted only when required to prevent a major offense involving national security or terrorism.

Economic offenses were once covered, but were withdrawn in 1999 by a Supreme Court order.

Why is BlackBerry mail encrypted?

Most email systems, including Gmail, use encryption. Enterprises don’t trust public email systems for business data; so they use their own secure, firewalled systems.

Now, when they need to use a mobile push-email system, they want to be certain that no third party can read the mail, not even the email provider.

That is BlackBerry’s USP: Mail so secure that RIM itself cannot read it.

What’s BIS and does the government have access to it?

BlackBerry Internet Service (BIS) is the lighter flavour of RIM’s two email services. Meant for individuals, it uses weaker encryption. BIS users buy convenience more than ironclad security.

Airtel or Vodafone “pipes” the encrypted mail from your handset to RIM, which then decrypts it and sends it out to the recipient.

So RIM “can” let investigative agencies read such mail, and India now has an agreement for BIS access.

Can RIM really not “access” BES?

BES is RIM’s flagship product, designed to be so secure that not even RIM can read mail on it. It requires BES server software in the user company’s network.

Email is encrypted on the BlackBerry, using a generated key shared only between the handset and the BES server.

Such mail goes out via, say, Airtel, to RIM in Canada, and back to the company’s BES, staying encrypted all the way with a key that only that enterprise knows. Then it’s decrypted, within the enterprise, and moved to the email server.

If the mail is to someone outside the company, it is sent out – decrypted – by the company’s mailserver.

RIM itself does not have the key to “crack open” BES encrypted mail. That is the published design. Does RIM have a secret backdoor? One really does not know.

Source: http://economictimes.indiatimes.com/articleshowpics/6391833.cms