Why PCI Compliance is Not Enough Security

Why PCI Compliance is Not Enough Security

There’s a ferry near eMazzanti’s office in Hoboken that takes commuters to mid-town Manhattan in less than 10 minutes. Because of experience and safety regulations, passengers feel confident that they will complete the journey.

Like ferry safety regulations, PCI compliance is the retail industry’s standard for safeguarding customers’ credit card information. But is it enough security to protect everyone?

Not Enough Lifeboats

The Titanic was compliant. Yet, half of the passengers lost their lives because there weren’t enough lifeboats. Remarkably, the White Star Line, the operator of the ship, actually provided more lifeboat capacity than was required by the current laws.

The problem was that the lifeboat regulations in 1912, which had not changed since 1894, didn’t account for larger ships. When the regulations were written, the largest passenger ship under consideration was less than one quarter of the weight of the Titanic.

PCI is Not Watertight Security

Target, a retail titan, was hit with a massive data breach just two months after being certified as PCI compliant. Clearly, PCI compliance does not guarantee watertight data security. It may provide some protection from liability, but unfortunately it also gives executives a false sense of security.

Retail data security threats continue to increase. PCI compliance cannot guarantee that a business will not suffer a loss of data or loss of business from a data security breach.

Data thieves are organized and well-funded experts that uncover and exploit vulnerabilities in networks and software. Standards bodies take years to develop new standards, making the standards incomplete or even obsolete when they are issued.

Wireless Security Weakness

A growing point of weakness in retail data security is their wireless networks. Almost a necessity, wireless networks provide the kind of omni-channel experience current shoppers expect. Our firm has a close relationship with a company that provides outstanding small business wireless network security technology.

WatchGuard Technologies data security solutions are the first to allow users to deploy and manage both wired and wireless network security through a single appliance in a single view. One of their red boxes will do a good job of beefing up your wireless security.

Trust the Engineers

Leading up to the Titanic tragedy, executives overruled the engineers who had recommended more lifeboats. What can retailers do to protect their customers’ and company sensitive information? Your best approach is to partner with an IT security expert who can assess your current vulnerabilities and update your protection beyond PCI compliance.

Download PDF

 

Cloud Services New York City

Recent Posts

Top 5 Collaborative Tools in Microsoft 365 Drive Productivity and Innovation

In today’s fast-paced digital landscape, businesses cannot thrive without effective collaboration. Microsoft continues its unwavering…

2 days ago

7 Essential Contact Information Tips for Email Signatures to Enhance Your Professional Image

An email signature accomplishes much more than simply telling readers who you are and how…

1 week ago

Maximizing Threat Response Efficiency with Security Copilot

Cyber security professionals work hard to safeguard companies’ information. But with criminals constantly changing their…

2 weeks ago

Why should a firm use DMARC? What is the need?

Domain-Based Message Authentication, Reporting, and Conformance (DMARC) is an e-mail security protocol designed to validate…

3 weeks ago

eCare Cloud Backup is in fashion. It’s the new you!

My job is to manage my law office’s cloud servers here at Justice Freaks.  As…

4 weeks ago

I Think I’m Dating an AI

My worst nightmare would be to date someone who isn’t who they say they are.…

4 weeks ago