As an online payments provider, Stripe has always had a close relationship with PCI DSS. And as a partner to hundreds of thousands of online businesses, we take the security of our users' personal information very seriously. But as a fast-growing startup company where fast innovation is a key advantage, we also can't let PCI control us. In this session, we will discuss strategies we have used that both make us more secure and satisfy our PCI (and other) obligations, all without slowing down our ability to innovate. Though useful for PCI and other compliance obligations, these strategies can just as easily be applied to security problems across your organization.