Walt Conway is manager at 403 Labs, LLC, a Qualified Security Assessor (QSA) firm and Approved Scanning Vendor (ASV). Walt is a Payment Card Industry
QSA and a PCI DSS consultant applying 35-years of electronic payments and technology management experience to helping
you plan, implement, and manage PCI DSS compliance and validation.
Walt spent over 10 years with Visa, and then
two years as president of an Internet-based payment processor. Walt co-edits the Treasury Institute's PCI blog and contributes
to other PCI blogs and online forums. He also leads PCI DSS training workshops for the Institute. He was chosen by NACUBO
to represent Higher Education at the PCI Security Standards Council. Walt is a frequent speaker on PCI DSS, security, and
e-commerce topics at NACUBO, EDUCAUSE, Commonfund, Treasury Institute, and other professional conferences and webinars. Walt
is a Certified Payment-card Industry Security Manager (CPISM) and serves on the Advisory Board of the Society of Payment Security
In his spare time, Walt writes a weekly PCI column for StorefrontBacktalk.com, providing a merchant's perspective
on all things PCI. There are links to StorefrontBacktalk.com and the Treasury Institute PCI Blog for Higher Education
in the PCI Blog page.
Walt co-authored "Why Banks View Campuses as High Risk Merchants", an
analysis of Higher Education computer security breaches, and "5 Strategies to Achieve PCI Compliance" (both published
by the Association of Financial Professionals) and "Straight Talk about Data Security" (in NACUBO's Business
Officer). Links to these and other articles are below.
In 2002 he left the business world to serve education
in another way, as a high school mathematics teacher. Having gotten that out of his system, he now consults with colleges
and universities, among others (and their payment gateways and service providers) to plan, implement, and manage their credit
card and e-commerce systems, particularly achieving PCI DSS compliance. Walt and his wife live in San Francisco.
Some recent publications can be downloaded below.
Click here to view PCI in Higher Education
Straight Talk About Data Security
Walter Conway and Dennis Reedy
If you accept payment cards on campus, you need to comply with a standard designed for safe handling of sensitive consumer
information. Indiana University's compliance plans offer some guidance.
Five Strategies to Achieve PCI Compliance
Dennis Ready, CTP managing director,
treasury operations, Indiana University and Walt Conway, Walter Conway Associates, LLC
The higher education
environment provides a microcosm of payment card realities. These “best practices” can work in many industries.
Dennis and I have received more attention from this article than anything else we've done together.
Click here to download "5 Strategies"
Cards at School: Why Banks View Campuses
as High Risk Customers
Dennis W. Reedy, CTP, Managing Director,
Treasury Operations, Indiana University
Walter Conway, Walter Conway Associates, LLC
and debit cards is a fact of life at campuses nationwide. Hand-in-hand with card acceptance comes the responsibility to safeguard
and protect all transaction and consumer data. The Payment Card Industry Data Security Standard (PCI DSS) was created to help
ensure the safe handling of sensitive consumer payment information
Download "Cards at School"