Due to the seriousness of the consequences associated with credit card data theft and the increasing deftness of data thieves, the Payment Card Industry Data Security Standard (PCI DSS) was created to establish a set of requirements designed to ensure businesses are processing and storing credit card information in a secure manner. Although often misconceived as government regulations, the PCI DSS mandates were created by the major payment card brands (VISA, MasterCard, American Express, Discover and JCB) and apply to all businesses and organizations that process and store credit card data, regardless of business size, type or number of transactions. Businesses deemed non-compliant after an audit may be charged hefty fines and, in some cases, eventually lose card processing privileges altogether.
Consider a few shocking statistics on the potential consequences for businesses associated with credit card data theft:
- A 2008 study by the Ponemon Institute, an organization that researches information security policy and data protection, found that businesses lose 31% of their customers after a breach of credit card data.
- The same 2008 study by the Ponemon Institute reports that the total cost of a data breach currently averages $202 per record. Based upon this statistic, if a business has 100 credit card records on file, for example, a single data breach could cost the business over $20,000.
- A study conducted the following year found that 71% of the companies surveyed do not treat PCI compliance as part of their corporate strategy and 79% had experienced at least one data breach.
The costs involved in creating a secure environment for credit card data or client data in general often dissuade businesses from taking the necessary steps to become PCI DSS compliant, but be assured that the costs of non-compliance and potential security breaches are radically greater. 3D offers affordable technologies and expertise that, when implemented, not only enable businesses to meet PCI DSS requirements, but also improve the security of their entire network. Network monitoring, SafetyNet Alerting™, firewall and content filtering appliances, patch management and event reporting are some of the services 3D provides to create the secure environment that PCI requires and clients deserve. These security solutions also create a best practices operating environment that provides businesses with ongoing benefits during normal business operations in addition to mitigating the risk of a data breach. The potential for downtime and service costs decreases for businesses as security threats in general are prevented and quickly resolved as a result of implementing ongoing network security services.
If you are unsure whether your business is meeting PCI DSS requirements, contact your Merchant Services Provider, who can help you determine if your business is compliant or if you need to make technology enhancements to increase the security of your data. 3D can assist your business in making these security enhancements, which will also improve the overall security of your network. For more information on the security solutions 3D can provide your business, visit our website at http://www.3dcorp.us/, email us at info@3dcorp.us, or call us at (360) 671-4906. Additional useful tools and information regarding PCI compliance can be found at the websites of our references below.
References: PCI Security Standards Council™; WatchGuard PCI Compliance Tools; PCI Compliance Guide; Ponemon Institute PCI DSS Compliance Study 2009

















