Firms must work more closely with their credit card payment processor to improve their data security standards governing payment services.
Author: Chris Taylor
That’s the conclusion of a report conducted by research group Gartner, which found that not all firms are observing strict compliance with Payment Card Industry Data Security Standards (PCI DSS).
In a survey of 383 IT managers that sought out trends in buying behaviours for future security spending, it was revealed that one in five (18 per cent) admitted to not being PCI-compliant, Gartner.com reported.
The firm’s research suggests that while IT security on the whole remains a priority for organisations, PCI compliance is easily overlooked. It said that this was probably related to IT managers trying to balance the books.
“Given that many of the technology providers in the security market target their products and help with PCI-related compliance initiatives, it came as something of a surprise that such a high percentage of survey respondents said that they were not PCI-compliant,” commented Lawrence Pingree, research director at Gartner, who was cited by PC Pro.
Pingree says that card-handling companies must work closely with their payment processor to make sure that they abide by the law and comply with the most up-to-date security standards.
“Technology and service providers should continue to market their ability to help solve customer issues with compliance for the PCI security standards,” he said.
Pingree added that end-user organisations must also work more closely with staff to address awareness of PCI DSS compliance in the workplace.