You need to go through a PCI audit someday.
You'll change your position very quickly :-)

Nah, PCI auditors are wimps. Try dealing with IT auditors from the DCAA. I did that for 5 years ;-)

Just tell them that you don't allow ODBC access to your database. That will confuse them because that eliminates about 95% of known hacks. Then tell them that you protect your DB with RPG. They will think you're insane for using rocket propelled grenades, but they'll back off ;-)


Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2015 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact