Compass IT Compliance Blog

Derek Morris

Derek is an experienced Senior Information Technology Security Auditor with Compass IT Compliance. He is an IT professional with over 20 years in the security and infrastructure arena of IT, and nearly half of his career in IT has been in Management/Director/ISO roles. Derek holds numerous industry and vendor certifications, including CISSP, CISM, CISA, CCNA and MCSA. Derek is currently one of the Qualified Security Assessors (QSA) for PCI at Compass. He holds a Bachelor's Degree in Computer Information Systems from Bryant University.

Recent Posts

PCI Requirement 12 - People, Policies, and Processes Time!

This is the twelfth blog in a 12-part series addressing each PCI DSS Requirement and the challenges faced by companies going through this process. To view the previous posts in this series, click on the appropriate links below:

PCI Requirement 1 - Defending the Wall

PCI Requirement 2 - Change Your Defaults!

PCI Requirement 3 - Don't Store Cardholder Data!

PCI Requirement 4 - Hide in Plain Sight!

PCI Requirement 5 - Update and Scan

PCI Requirement 6 - Patches and Scanning and Coding, Oh My!!

PCI Requirement 7 - Thou Shall Not Pass!

PCI Requirement 8 - Identify, Authenticate, and Authorize

PCI Requirement 9 - Lock the Doors and Don't Forget the Windows Too!

PCI Requirement 10 - Big Brother is Watching!

PCI Requirement 11 - People, Policies, and Processes Time!

PCI Requirement 12 - Maintain a Policy That Addresses Information Security for all Personnel

PCI Requirement 11 - Testing, Testing, 1, 2, 3!

This is the eleventh blog in a 12-part series addressing each PCI DSS Requirement and the challenges faced by companies going through this process. To view the previous posts in this series, click on the appropriate links below:

PCI Requirement 1 - Defending the Wall

PCI Requirement 2 - Change Your Defaults!

PCI Requirement 3 - Don't Store Cardholder Data!

PCI Requirement 4 - Hide in Plain Sight!

PCI Requirement 5 - Update and Scan

PCI Requirement 6 - Patches and Scanning and Coding, Oh My!!

PCI Requirement 7 - Thou Shall Not Pass!

PCI Requirement 8 - Identify, Authenticate, and Authorize

PCI Requirement 9 - Lock the Doors and Don't Forget the Windows Too!

PCI Requirement 10 - Big Brother is Watching!

PCI Requirement 11 - Regularly Test Security Systems and Processes

PCI Requirement 10 - Big Brother is Watching!

This is the tenth blog in a 12-part series addressing each PCI DSS Requirement and the challenges faced by companies going through this process. To view the previous posts in this series, click on the appropriate links below:  

PCI Requirement 1 - Defending the Wall

PCI Requirement 2 - Change Your Defaults!

PCI Requirement 3 - Don't Store Cardholder Data!

PCI Requirement 4 - Hide in Plain Sight!

PCI Requirement 5 - Update and Scan

PCI Requirement 6 - Patches and Scanning and Coding, Oh My!!

PCI Requirement 7 - Thou Shall Not Pass!

PCI Requirement 8 - Identify, Authenticate, and Authorize

PCI Requirement 9 - Lock the Doors and Don't Forget the Windows Too!

PCI Requirement 10 - Track and Monitor All Access to Network Resources and Cardholder Data

PCI Requirement 9 – Lock the Doors and Don’t Forget the Windows Too!

This is the ninth blog in a 12-part series addressing each PCI DSS Requirement and the challenges faced by companies going through this process. To view the previous posts in this series, click on the appropriate links below:  

PCI Requirement 1 - Defending the Wall

PCI Requirement 2 - Change Your Defaults!

PCI Requirement 3 - Don't Store Cardholder Data!

PCI Requirement 4 - Hide in Plain Sight!

PCI Requirement 5 - Update and Scan

PCI Requirement 6 - Patches and Scanning and Coding, Oh My!!

PCI Requirement 7 - Thou Shall Not Pass!

PCI Requirement 8 - Identify, Authenticate, and Authorize

PCI Requirement 9 - Restrict Physical Access to Cardholder Data

PCI Requirement 8 - Identify, Authenticate, and Authorize!!

This is the eighth blog in a 12-part series addressing each PCI DSS Requirement and the challenges faced by companies going through this process. To view the previous blog posts in this series, please follow the links below:

PCI Requirement 1 - Defending the Wall

PCI Requirement 2 - Change Your Defaults!

PCI Requirement 3 - Don't Store Cardholder Data!

PCI Requirement 4 - Hide in Plain Sight!

PCI Requirement 5 - Update and Scan

PCI Requirement 6 - Patches and Scanning and Coding, Oh My!!

PCI Requirement 7 - Thou Shall Not Pass!

PCI requirement 8: Identify and authenticate access to system components