IoT Security arrow_forward
PCI - Data Security Standards Simplified
Submitted by Shreyansh Pandey (@weirdpanda) on Tuesday, 7 February 2017
Technical level: Beginner
Anyone with even a little bit of experience in ePayments has come across the wall called PCI-DSS. Being too comprehensive, DSS builds trust in the consumers but a sense of fear in the producers (the engineers) with its specefic-to-usage-class guidelines and whatnot. In this talk, I will simplify all of that and present a AWS-backed Docker-powered backend which will be a breeze to scale and won’t pose any hinderence with regards to DSS validation.
Introduction to the Speaker
What is PCI?
The importance of DSS
Tiers in PCI-DSS
- Classification - Guideline to select one Basic Requirements
- The basic breakdown of DSS Why, when, where, what
Deciphering the Self-Assessment Questionnaires
Decoding the requirements and understanding them
A real life example with AWS
- Model - Implementation - Checking with PCI-DSS Questions
A laptop, open mind, little or no understanding of PCI-DSS.
A 18-year old developer, technology enthusiast and DevOps lover. For the past 5 years, I have tinkered around with systems, written backends in languages ranging from PHP to Node. Personally, I love taking up challenges and love teaching as well. DevOps and backend development are two of my most favorite fields, but the problem is the fact these amazing tools and standards have a very steep learning curve and, thus, new comers are often terrified, to say the least; therefore, teaching something as advanced as possible with as little technicality (in language, that is) has been my long time love. Although young, I promise that the talk will be nothing short of crisp; filled with humour and the zeal to learn more.
Currently, I am doing independant research on voting and consensus protocols.