The Right Steps to Safeguarding Credit Card Data
- Wednesday, March 18, 2009, 16:48
- Threat Research
It’s beginning to feel as if every other day we learn about yet another data breach in which credit card information or other sensitive consumer data is compromised. An air of complacency has settled in; we are becoming almost immune to the rash of incidents taking place.
The effects on consumers who have been breached are hardly insignificant. Having to cancel credit cards is a terrible experience, and combing through account statements to figure out the extent of transactions that did not actually occur is rather unsettling. For those who find themselves in the more harrowing position of being pursued by bill collectors for accounts that they never opened, it would be their worst nightmare come true.
What should service providers and organizations that handle credit card data be doing? It’s not enough just to follow PCI DSS in a checklist fashion. These organizations have a higher level of responsibility to protect the consumer. It’s refreshing that the PCI Security Standards Council has recognized the need to help organizations on the path to being more vigilant about protecting credit card data. This month they issued a 15-page document that details a “prioritized approach” for complying with the rules, specially designed to help those overwhelmed by the slew of 220+ requirements. This approach focuses on issues with the highest risk and building compliance milestones around