Why do you need credit card information?
Jun 18th, 2007 by Jesper Kråkhede
When I am out having workshops regarding implementation of PCI DSS one of the first questions I ask is: Why do you save the information? It have turned out that not a single company has had the need to store the information for a longer timeperiod then 10 minutes. Something to think off when you do your next evaluation. Why implement encryption on all databases when a simple delete statement will do.