Keeping Pace with the PCI Data Security Standard
For organizations that accept payment cards, it can be difficult to keep up with the evolving industry standards for data security. And when updated standards emerge, you often find yourself scrambling to keep auditors happy and maintain compliance, not to mention keeping your operations secure. Think for a moment about the range of organizations accepting payment cards, and it becomes easier to understand why maintaining PCI compliance presents a real challenge to network operations and processes. Certainly big box retailers are dealing with high volume payment card transaction processing and data protection issues, but there are plenty of other impacted businesses. Right now you could use a payment card to pay at the pump, pick up the dry cleaning, renew your driver's license, pay for college tuition, charge the co-pay at your HMO, or bring home Chinese takeout for tonight's dinner. PCI compliance touches nearly every type of business and consumer service provider.
Today MegaPath announced its membership in the PCI Security Standards Council, where we will work closely with other members on the evolving Payment Card Industry (PCI) Data Security Standard (PCI DSS). So what does this membership mean for MegaPath customers?
- MegaPath now has a leadership role in the PCI community and standards process, which brings earlier awareness of security issues and potential changes in the standards to our customers.
- We can help our customers be more proactive in responding to the evolving standards, by developing new security processes and best practices, while working to keep them in compliance.
- Our Managed Security Services will become 'early adopters' of the latest standards, enabling our customers to adapt much more quickly, with greatly enhanced protection of cardholder data.
MegaPath membership in the Council builds on the strength of our data security and PCI compliance experience, which we will continue to incorporate into our managed services for retailers. Additionally, we will be launching some enhanced PCI services later this quarter that will include comprehensive log management for compliance, a self-service portal for vulnerability scanning service with quarterly PCI certifications by MegaPath, and finally, real-time detection and reporting of rogue wireless devices that may potentially infiltrate a retailer's cardholder data environment. This capability isn't easy to implement at the store level, and the associated monitoring at the company level can become overwhelming—our managed service offerings fully address this need.
What are your biggest challenges in securing your operations and maintaining compliance with PCI?