Companies have until 30 September to comply or face fines of up to USD 500,000.
GFI Software has published a white paper to explain what the Payment Card Industry Data Security Standards (PCI DSS) are, how they affect different companies and the repercussions of non-compliance.
As of September 30, 2007, all businesses handling cardholder data - irrespective of size - have to be fully compliant with strict security standards drawn up by the world's major credit card companies. The move to tighten up security comes as an increasing number of firms report that customer data has been lost or stolen.
Credit card fraud was the most common form of identity theft, accounting for 26 per cent of all reported occurrences in 2005, with more than USD 48 billion lost by financial institutions and businesses in that year and USD 5 billion lost by individuals. The white paper examines the consequences of cardholder data theft and explains in detail what the PCI directive is, why it is important that companies comply with these standards, the consequences of non-compliance and, finally, what solutions are available to help companies become compliant.
The white paper also outlines how two of GFI's network security products - the vulnerability management solution GFI LANguard N.S.S., and the event logger GFI EventsManager - can help companies to meet all the 'technical' requirements imposed by the PCI DSS.
Related links:
www.gfi.com/whitepapers/pci-dss-made-easy.pdf
www.gfi.com/lannetscan/
www.gfi.com/eventsmanager/
www.gfi.com
Taken from Information Security Bulletin.