IT security suppliers have formed an alliance to advise
businesses on how to meet security standards required by credit
card companies for processing online transactions.
The Payment Card Industry Security Vendor Alliance, launched
today (30 January), aims to provide IT departments with advice on
how they can meet the
Payment Card Industry Data Security Standard
- a benchmark to improve the security of card transaction
processes.
"One of the things we are trying to do is make sure people
understand what it takes to achieve compliance," said Dave Taylor,
vice-president for data security strategies at information security
management firm Protegrity, a founder member of the alliance.
"It's not simply about buying a product. A lot of it is to do
with physical access controls, how a building is set up, and
separating people who need to know confidential information from
those who don't."
The alliance believes that the PCI standard has wider
applicability across businesses as a benchmark for security,
irrespective of whether they need to support online credit card
transactions.
The alliance initially comprises ConfigureSoft, Cyber-Ark,
Proginet, Protegrity and Safe-Net, and other security services
suppliers are expected to join.
www.pcisecuritystandards.org/tech
www.mastercard.com/us/sdp
Comment on this article:
computer.weekly@rbi.co.uk