Skip navigation

PCI’s MFA Requirement: Clarity from a QSA

In this webinar, you will receive:

  • Details on the most common PCI-focused deployment scenarios, and considerations when planning yours
  • Expert advice and best practices on meeting the multi-factor authentication requirements of PCI 3.2
  • Tips on how to meet PCI requirements for admins, including log retention, account lockout options, and more

2016 marked the first year that more than half of businesses (55.4%*) reached PCI-compliant status. This is encouraging news, but as standards are revised and best practices strengthened, more businesses failed their first-time audit in 2016 than in prior years.

Join us for a practical discussion on the compliance requirements of PCI 3.2 that will be enforced in February, with Paul Guthrie from PCI QSA, Payment Software Company (PSC), and Duo Security’s Trust and Compliance Manager, Jamie Tomasello. Along with up-to-the-minute expert recommendations, we’ll host a Q&A session where you can get answers to your PCI-related authentication questions.

*2017 Verizon PCI Compliance Report

Presenter Info

Jamie Tomasello

Jamie Tomasello is the Manager of Trust & Compliance at Duo Security. She has been addressing internet security and policy issues for over seventeen years at internet service providers, security companies, law firms, & non-profits. She has been a Technical Chair, Program Chair, and Training Chair for the Messaging, Malware, & Mobile Anti-Abuse Working Group (M3AAWG), a member of InfraGard, the Bay Area Electronic Crime Task Force, and is a Certified Information Privacy Professional (CIPP/US & CIPT).

Paul Guthrie

As CTO and co-founder of PSC, Paul Guthrie’s vision and expertise drives the strategic development of PSC’s extensive base of code, systems, and its application in the design and implementation of identity, authentication, and payment solution. He has spoken at numerous industry and related events including CardTech/SecureTech and Jupiter Financial Services forums in the topics of security, telecommunications, and payments.