OTTAWA, Nov. 10, 2014 /CNW/ - A surprising number of companies that handle credit card transactions report that they will not be compliant with the Payment Card Industry's PCI 3.0 platform on time for the deadline of January 1st 2015. In fact, according to research by NTT, only 30% of companies that process or handle credit cards will be ready on time. Companies should be asking any partner that is handling credit card information on their behalf if they are PCI 3.0 compliant. Not doing so puts your company and its clients at risk.
The PCI 3.0 Standard sets security requirements for all companies that access, store or transmit cardholder data and personally identifiable information. The PCI 3.0 Standard was published a year ago and technically has been in effect for all of this year. Protecting customer information should be at the top of every business's to-do list and failing to take the required steps can have real consequences both to a businesses' reputation and its profits.
Analysts agree that following the new PCI standard will enable organizations to avoid most breaches, including the one suffered by Target earlier this year. As reported in Bloomberg News back in March, the Target breach could have been avoided had Target adhered to the new standard. Why then are companies not adhering to PCI 3.0?
One reason is the change from PCI 2.0 to PCI 3.0 is significant. PCI 3.0 requires companies to ensure not only the right technology is in place, but also to establish and adhere to specific organizational processes and policies and the organizational structures that support them. Fundamentally changing work environments is a big undertaking.
Fortunately, there are applications available that can help simplify this process and ensure PCI 3.0 compliance. Becoming familiar with these could create a huge advantage over the competition. Investing in audit applications that run across your IT networks ensuring that all required administrative protocols are in place, and that networks are configured properly with updated software, can save significant amounts of money and time. Audit software will become ever more important as the world moves into the Internet of Things; PCI 3.0 security isn't just for computers: any device attached to your network is implicated, including your phone system if you are using voice-over-internet-protocol (VoIP).
VoIP customers are in luck though. An easy-to-use application, VoIPaudit, from VoIPshield Systems performs a comprehensive audit of your VoIP network that alerts you immediately to any problems and how to remediate them. It checks for PCI 3.0 as well as other compliance standards such as COBIT 5.0, NIST-800 and ISO 27002. VoIPaudit can be purchased and downloaded from www.voipshield.com.
Don't wait for a breach to happen before you take action. There are only 2 months left to ensure your company complies with credit card handling standards, after which time you may not be able to take a customer's money.
SOURCE: VoIPshield Systems Inc
For further information: Erin Kelly, CPA, CMA, Vice-president, Marketing, VoIPshield Systems, Inc., Mobile: 613.322.0631