All the latest UK technology news, reviews and analysis
|
|
|
04 Mar 2009
The Payment Card Industry Security Standards Council (PCI SSC) has released a new resource designed to help merchants struggling to attain compliance with the PCI Data Security Standard.
The global payment industry body launched the Prioritized Approach framework to help merchants that are not yet fully compliant. It will identify highest risk targets, create a common language around PCI DSS implementation efforts, and demonstrate progress on the compliance process to key stakeholders.
The framework is made up of six 'security milestones' aimed at laying out a series of best practices for protecting against the highest risk factors and escalating threats facing cardholder data security. The milestones are as follows:
1. If you don't need it, don't store it
2. Secure the perimeter
3. Secure applications
4. Monitor and control access to your systems
5. Protect stored cardholder data
6. Finalise remaining compliance efforts, and ensure all
controls are in place
"Securing cardholder data is the ultimate priority, and following the PCI DSS is the best way to achieve this," said Bob Russo, general manager of the PCI Security Standards Council.
"The Prioritized Approach framework will help stakeholders understand where they can act to reduce risk earlier in their journey towards PCI DSS compliance.
"The launch of these new guidance and interactive documents are another step by the Council to increase understanding of and education around PCI DSS among merchants, providing them with insight into how they can protect card holder data faster and demonstrate progress and compliance with the PCI DSS."
According to the PCI SSC, the framework was based on actual data compromises, as well as feedback from assessors and forensic investigators, and input from the PCI SSC Board of Advisors.
The Prioritized Approach framework is available on the Council's web site. It includes a reference document and downloadable worksheet that allows merchants to sort specific PCI DSS requirements by the individual milestones.
Latest stories from Web
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Software Design Architect (Windows Database Application...
Lead Java Developer - Fast growing, young and international...
Job Specification Graduate Support Engineer...
Job Specification For: Software Developer...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?