Payments, Software, Technology on March 14, 2010

March 14, 2010
  • Anton Chuvakin Blog – "Security Warrior"RSA 2010 EXCLUSIVE PCI Security Standards Council Interview
    March 14, 2010 – Having had the opportunity to hear Bob Russo speak at the ProPay Data Security Summit…I remain as impressed with his position/poise in front of all stakeholders in the PCI arena as always.

    This interview with Bob and Troy is a MUST READ.

  • The Official Google BlogIndian Premier League bowls wicked googly* to the world on YouTube
    March 14, 2010 – In a bit of non-work personal interest acknowledgement, the ability to view cricket matches (IPL) via YouTube is a HUGE thing for me. I’ve been following some matches via web, the extraordinarily few posted on ESPN360 and now I have a way to watch via youtube.

    If you are a cricket fan, or have an interest (even passing), IPL is an interesting place to start due to match length and a somewhat more modern feel in promotion.

  • TechdirtLessig Gives A Well-Timed Speech To The Italian Parliament On Internet Freedom
    March 14, 2010 – While I don’t always agree with what Lessig has to say, I find his presentation style extraordinarily compelling…and the concepts he espouses though provoking. This is well worth the time to watch.
  • Daring FireballWhy Did Nick Denton Truncate Gawker Media’s RSS Feeds?
    March 14, 2010 – This is an interesting topic…I have ALWAYS preferred full-text feeds…to the point of removing the vast majority of feeds that are truncated.

    What drives me to click-through? The community…If I’m interested in the conversation surrounding a topic I will always click-through.

  • Branden R. Williams, Business Security Specialist » blogCompliance, Easier than Security!
    March 14, 2010 – Only a quote…no commentary…the thought stands alone.

    “As security practitioners, we must put down the stick, and embrace the carrot. Compliance as a security stick will get you short term gains, but will not afford you the long term support you want and need to be successful. Sure, it’s harder to answer the question “Why?” when the answer isn’t “Because I told you so!”

    But isn’t that the fun part of the job?”

  • StorefrontBacktalkOverpaying For PCI Compliance
    March 14, 2010 – I love this statement:

    “Rather, the reason many merchants pay too much is that they forget PCI Requirement 0. You don’t know Requirement 0? It says: Minimize Your PCI Scope.”

    After the ProPay security summit, this may be a term that I steal…”Requirement 0″

  • CloudAveThe Value is in the Glue
    March 14, 2010 – This quote is key:

    “Cloud Computing is not simply being driven by economic factors. Cloud Computing’s rise is part of a much larger cycle — one that’s been happening for decades. In that context, it’s probably instructive that we keep our eye focused on where the value will land — not in servers, or storage, or processing cycles, or even in applications themselves. Just as with email, the internet, and cell phones — the VALUE is in the connection. The value lives in the space between the servers, storage, apps, people, data and networks.”

    The technical implementation of a solution, while always intriguing, is never as important as the value derived from such an implementation.

ProPay Data Security Summit: a day 1 summary

March 9, 2010

Event attendance is an intriguing experience.  If you have not heard the term “backchannel”, let me explain…rather, let me link to something on the subject.  Read that, or at least the intro, and return…I don’t mind waiting.

Back already?

To me the backchannel is not only enabled by technology, but occurs around coffee tables and in the halls and in the murmurs during presentations.  Sometimes, it is in these backchannel communications that the most can be learned.  This conference is slightly different.  Although the backchannel is still vibrant and intriguing…the Q/A sessions, panel discussions, and boldness of attendees have thrust much of the backchannel conversations to the forefront.

(more…)

ProPay Data Security Summit: a brief note

March 9, 2010

Just a brief note that I will be blogging/tweeting from the Data Security Summit 2010 over the next few days…The plan, at least at present, is to tweet from the sessions and then blog in the evenings with either commentary on a theme or on a specific session. 

If you are interested in following along on twitter, you can monitor the #DSS10 hashtag that I will be using.

If, during reading the tweets, there is anything you want me to address with a specific presenter please tweet, or e-mail, and I will be happy to oblige.

Payment Instruments: a thought exercise

March 7, 2010

One of the benefits of plane travel is the opportunity to sit in relative silence (except for the screaming child and angry passenger) and simply read.

Every flight that I take I either print, or load onto kindle, hefty materials that are otherwise difficult to consume. It is for this reason, in large part, that I dread the day of widespread availability of access from a flight…

Would it be nice to land without a queue of e-mail to send or receive?
Yes.

Would it be nice to land "caught up" on anything that happened during a lengthy flight?
Yes.

Will I miss the hours of focus on some esoteric bit of payments consultation data or reports that have been recently created?
Quite.

But, I digress.

(more…)

Payments, Software, Technology on March 2, 2010

March 2, 2010