
{"version":"1.0","provider_name":"OTAVA","provider_url":"https:\/\/www.otava.com","title":"Achieving a Layered Data Security Solution for PCI DSS Compliance","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"2mFlAI1VbZ\"><a href=\"https:\/\/www.otava.com\/blog\/achieving-a-layered-data-security-solution-for-pci-dss-compliance\/\">Achieving a Layered Data Security Solution for PCI DSS Compliance<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/www.otava.com\/blog\/achieving-a-layered-data-security-solution-for-pci-dss-compliance\/embed\/#?secret=2mFlAI1VbZ\" width=\"600\" height=\"338\" title=\"&#8220;Achieving a Layered Data Security Solution for PCI DSS Compliance&#8221; &#8212; OTAVA\" data-secret=\"2mFlAI1VbZ\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var 
e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n\/\/# sourceURL=https:\/\/www.otava.com\/wp-includes\/js\/wp-embed.min.js\n\/* ]]> *\/\n<\/script>\n","description":"For ecommerce websites, partnering with a PCI DSS compliant hosting provider can help you achieve many requirements of the standard while building a layered security solution to protect credit cardholder information, whether stored or merely in transit. Where should you start? [If you\u2019re not sure what the requirements are, read\u00a0What is PCI Compliance?] For a fully protected system with multiple layers of technical security, start with a web application firewall (WAF), a device that sits behind your virtual or dedicated firewall and scans any incoming traffic to web servers for potentially malicious attacks that might affect the web application server, including SQL injection attacks. Using a security tool to protect public-facing web applications is required by PCI DSS compliance requirement 6.6. Another way to protect against online fraud and unauthorized access to your Virtual Private Networks (VPN) when connecting remotely is two-factor authentication. Using a password and unique user ID in addition to a secondary factor (i.e., push notification on your smartphone) makes it more difficult for external intrusions to occur as a result of employing only one factor of authentication. Two-factor satisfies requirement 8.3 that says companies must \u201cincorporate two-factor authentication for remote access (network-level access originating from outside...","thumbnail_url":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/web-application-firewall.png"}