PCI compliance guidance fueling technology investments, expert says

PCI compliance guidance fueling technology investments, expert says

Date: Jul 10, 2012

The Payment Card Industry Data Security Standard (PCI DSS) was updated to version 2.0 in 2010, and experts say updates slated for late 2013 should be minor.

But that hasn't slowed ongoing PCI compliance initiatives at many organizations. The adoption of emerging technologies is forcing merchants to reassess data security controls to ensure continued PCI DSS compliance. Companies are using the latest PCI guidance documents on point-to-point encryption, tokenization and virtualization to better secure data and, in many cases, eliminate credit card data from their environment, said Diana Kelley, a partner at Amherst, N.H.-based consulting firm SecurityCurve. 

In this video interview, Kelley explains how merchants are using the guidance reports to help maintain compliance when adopting cloud-based services. PCI compliance in the cloud is possible, Kelley says, but it poses some interesting challenges in maintaining transparency into the cloud provider's systems and processes and who ultimately is responsible for protecting the credit card data.

More on PCI Data Security Standard

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: