(Ping! zine Web Hosting Magazine) – Security industry expert Trust Guard urges merchants to be up to par with compliance standards to avoid bankruptcy in the future as the number of security breaches rises each year. PCI compliance (Payment Card Industry Data Security Standard) is a set of twelve requirements set by the Security Standards Council. According to Bob Russo, General Manager of the PCI Security Standards Council, in a CNET News interview, the standards require merchants to “build and maintain a secure network, protect card holder data and regularly monitor and test the networks…it covers everything from the physical security to logical security.”
Website security expert Dave Brandley, co-founder of website security company Trust Guard, said, “PCI Compliance is becoming increasingly important as the number of security breaches grows each year. Companies such as TJ Maxx who suffered large breaches in recent years were not compliant at the time.” Merchants are responsible for protecting their customers’ sensitive data by staying constantly up to date on their compliance. In the compliance process, a security company essentially scans the merchant, going through the requirements to make sure proper security is in place. If everything is right, the security company issues a compliance report. Afterwards it is the merchant’s responsibility to maintain that compliance, which includes something as simple as updating operating systems. Compliance is continuous, not a one-time thing. Brandley warns that “security holes can open at any time, and that’s when hackers strike.”
According to both Russo and Brandley, the consequences of not being PCI compliant can be huge. “We’ve conducted surveys and of course the most important thing for customers is safety and security. Customers who believe their identity is at risk will not shop with that particular merchant. Losing business in that way can result in bankruptcy,” said Brandley. Russo stated in his interview with CNET that bankruptcy isn’t the worst thing that can happen: “there are reputation(al) damages they have to deal with, which nine times out of ten cannot be measured in terms of dollars.”
While it is the merchant’s responsibility to protect sensitive data, Brandley suggested customers be more aware: “Consumers must take responsibility and be wary when shopping online. They should only be shopping with merchants who are PCI compliant and are verified. We can’t stress that enough.”
Russo ended his CNET News interview with a warning: “merchants, you really have to be careful because consumers are getting smarter…and if they find out you are not protecting their data, credit card data or personal data, they’re going to walk away. And that’s going to be the downfall of your business.”