Skip to main content

PCI news & updates

(0 comments)

According to this article on InformationWeek:

The Payment Card Industry Data Security Standard--known as PCI DSS, or just PCI--is meant to safeguard cardholder data. Yet, 67% of PCI-regulated companies are still not in full compliance with the standard.

At the same time, the PCI Council has pointed out that if you have a call-center that processes credit card data, it needs to be in scope.  

I'm firmly in the camp that PCI is "raising the security floor".  We know from experience that organizations that never would have before are deploying two-factor authentication to their infrastructure.  I think that two-factor authentication is, in particular, a technology that indicates a change in the market. Deploying strong authentication affects end-users, as opposed to deploying an application firewall, for example.  While great strides have been made, clearly, the PCI effort still has a long way to go. 

Currently unrated

Comments

There are currently no comments

New Comment

required

required (not published)

optional

Recent Posts

Archive

2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom