PCI compliance guidance fueling technology investments, expert says

The Payment Card Industry Data Security Standard (PCI DSS) was updated to version 2.0 in 2010, and experts say updates slated for late 2013 should be minor.

But that hasn't slowed ongoing PCI compliance initiatives at many organizations. The adoption of emerging technologies is forcing merchants to reassess data security controls to ensure continued PCI DSS compliance. Companies are using the latest PCI guidance documents on point-to-point encryption, tokenization and virtualization to better secure data and, in many cases, eliminate credit card data from their environment, said Diana Kelley, a partner at Amherst, N.H.-based consulting firm SecurityCurve. 

In this video interview, Kelley explains how merchants are using the guidance reports to help maintain compliance when adopting cloud-based services. PCI compliance in the cloud is possible, Kelley says, but it poses some interesting challenges in maintaining transparency into the cloud provider's systems and processes and who ultimately is responsible for protecting the credit card data.

View All Videos

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close