Why PCI Compliance is Not Enough Security
There’s a ferry near eMazzanti’s office in Hoboken that takes commuters to mid-town Manhattan in less than 10 minutes. Because of experience and safety regulations, passengers feel confident that they will complete the journey.
Like ferry safety regulations, PCI compliance is the retail industry’s standard for safeguarding customers’ credit card information. But is it enough security to protect everyone?
The Titanic was compliant. Yet, half of the passengers lost their lives because there weren’t enough lifeboats. Remarkably, the White Star Line, the operator of the ship, actually provided more lifeboat capacity than was required by the current laws.
The problem was that the lifeboat regulations in 1912, which had not changed since 1894, didn’t account for larger ships. When the regulations were written, the largest passenger ship under consideration was less than one quarter of the weight of the Titanic.
Target, a retail titan, was hit with a massive data breach just two months after being certified as PCI compliant. Clearly, PCI compliance does not guarantee watertight data security. It may provide some protection from liability, but unfortunately it also gives executives a false sense of security.
Retail data security threats continue to increase. PCI compliance cannot guarantee that a business will not suffer a loss of data or loss of business from a data security breach.
Data thieves are organized and well-funded experts that uncover and exploit vulnerabilities in networks and software. Standards bodies take years to develop new standards, making the standards incomplete or even obsolete when they are issued.
A growing point of weakness in retail data security is their wireless networks. Almost a necessity, wireless networks provide the kind of omni-channel experience current shoppers expect. Our firm has a close relationship with a company that provides outstanding small business wireless network security technology.
WatchGuard Technologies data security solutions are the first to allow users to deploy and manage both wired and wireless network security through a single appliance in a single view. One of their red boxes will do a good job of beefing up your wireless security.
Leading up to the Titanic tragedy, executives overruled the engineers who had recommended more lifeboats. What can retailers do to protect their customers’ and company sensitive information? Your best approach is to partner with an IT security expert who can assess your current vulnerabilities and update your protection beyond PCI compliance.
The office worker of even 20 years ago could scarcely envision today’s dynamic and interconnected…
Artificial Intelligence (AI) has taken center stage, captivating attention primarily through its role in self-driving…
The ability to generate compelling, original images using AI is changing the way we think…
With Microsoft Dynamics 365 Sales, businesses gain a powerful tool for nurturing leads, leveraging AI-based…
Annual Channel Futures MSP 501 global ranking identifies industry’s best-in-class businesses on Tech Industry’s most…
Carl Mazzanti is the president of eMazzanti Technologies in Hoboken. You engage with vendors…