PCI compliance is important, and not just for the sake of protecting credit card data. It's a simple security standard that we should all be able to easily achieve using existing tools, techniques and technologies. And if your arguement is that you can't afford to do it, then I'm not going to be buying anything through your online services.
I've commented on this subject before - and no doubt I'll be doing so again - because being compliant with the PCI standard demonstrates more than just an ability to handle online payments, it's a show of "superior security" that will reflect in your overall risk status.
There's a great blog devoted to PCI here. I recommend it.
Comments (1)
Thank you for the kind words Stuart. We are always looking for more writers on the topic of PCI (and all things related.)
It is important to understand both the intent and meaning of each PCI DSS requirement instead of trying to follow it literally, which is where many companies find confusion.
Many of the posts we write come from user submitted questions. Please feel to add your own via comments to the site.
Posted by Datasecurity | January 7, 2007 5:51 PM
Posted on January 7, 2007 17:51