PCI Data Security Standard Calls for Next-Generation Network Security
Source: Help Net Security - Posted by Eric Lubow
The use of credit cards for virtually all of our financial transactions has increased exponentially with the rapid adoption of e-commerce throughout the worldwide economy. With the increased use of credit cards comes the increased risk of fraud through credit card information theft and misuse. Stolen credit card data now has a monetary value on the street, and determined thieves have capitalized on failures to protect the data networks of businesses that process credit card transactions. The need to secure credit card transaction data at every level of business has never been greater, and a new set of security and privacy requirements, known as the Payment Card Industry (PCI) Data Security Standard, has created a compliance challenge for all companies that accept credit cards.
The PCI standard holds all businesses that process credit card transactions to a minimum security standard for protecting cardholder data. PCI requires companies to comply with 12 guidelines for protecting and storing data, encrypting data, maintaining security protocols for data access, and establishing strict information security policies. PCI-compliant organizations need to assign a unique ID number to every employee who has access to credit card data, and each company must track data access patterns for every employee. It is evident that the PCI standard recognizes that most of the breaches of information security come from the inside, and its requirements address this issue directly, posing a significant challenge for most IT organizations.
Read this full article at Help Net Security