PCI-DSS Compliance

As of the time of writing this, I’m not yet certified, but I’ve been digging in on more and more projects since 2017 and I’m currently configuring a PCI-DSS compliant server.

I’ll use this page to share updates on what I’ve learned, and some insights into what it might entail for your organization to reach PCI-DSS compliance.

The insights here will be mostly website-focused, so on-site and POS system compliance will be out of scope.

Unexpected Costs
I thought I'd kick off this category of posts with an ever-evolving list of the costs associated with PCI-DSS compliance. One that I've come across recently is the plethora of server changes that must be made (secure headers, etc.) and the code modifications that must go along with them. For instance, truly compliant sites will …