Lessons Learned: Top Reasons for PCI Audit Failure and How To Avoid Them
A VeriSign Whitepaper
www.verisign.com
Abstract
Since Visa mandated the Cardholder Information Security Program (CISP) in June 2001 and MasterCard® introduced the new Site Data Protection (SDP) program in June 2004, many merchants, processors, and acquiring banks have been working diligently to meet their specific requirements. Today’s Payment Card Industry Data Security Standard (PCI DSS), which combines requirements of the Visa and MasterCard programs, stands as one of the preeminent achievements in the information security industry. However, many merchants and service providers are struggling with the increased complexity associated with the PCI Data Security Standard. Although the drive to protect credit card data is vital, many companies have yet to implement the technology and processes needed to address the standard’s specific requirements. Even companies that have welcomed the standards are discovering holes in their PCI compliance strategy.
As a leading provider of PCI assessments and supporting security services, the VeriSign® Global Security Consulting team has performed several hundred PCI assessments since the program’s inception. The requirement failures and actual compromises that we have observed during these assessments exhibit common themes. This paper identifies proven tactics that help companies achieve PCI compliance and, more importantly, avoid compromise.