Firms urged to take PCI DSS seriously
by Richard Kilner
From 1st July, Visa is to enhance its security measures for smaller companies accepting card payments, and from September large-scale card-accepting businesses will have to be fully PCI DSS compliant.
Jeff LoSapio, security practice manager for application security specialists Fortify, has argued that SMEs need to alter their mindset to handle the change in security rules Visa is implementing.
According to LoSapio, SMEs need to start thinking like big businesses and take both cyber security threats and PCI seriously.
PCI practices are intended to protect consumers from companies' poor IT.
LoSapio added that businesses should, if they have not yet done so, review their IT security infrastructure to help head off any potential problems down the line.
There are a dozen requirements; companies can check whether these apply to their business by visiting the PCI Security Standards Council website, which also offers resources.
LoSapio went on to say that businesses could learn much of what was needed from the site, including the difference between a QSA (qualified security assessor) and an ASV (approved scanning vendor), before a consultant is even needed.
The new Barclaycard SmartPay system is set to be launched this summer, and offers online firms a range of PCI DSS compliant fraud and risk tools.