IMO, PCI is not that big security policy, but without it your not able to use the credit card companies gateway. I think its just the basics that any company dealing with CC must implement.
Because it shall be nonsense to deal with CC, and not have an Anti-virus for
example !!
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
