NPMD solutions are typically not directly involved in the actual card cardholder transaction. However, given that many can potentially capture and transmit cardholder data they must be viewed as an integral part of a business’ PCI DSS compliance strategy, especially when investigating data breaches for the purposes of reporting or remediation.
Therefore, beyond satisfying your service delivery monitoring and troubleshooting requirements, be sure to verify your NPMD solution protects cardholder data and aids your efforts in PCI DSS compliance.
In today's economy, companies are trying to assess if they can afford to become PCI compliant. What many of those same companies forget to consider whether they can afford not to be compliant. Since 2007, merchants who were found to be non-compliant with PCI DSS faced fines of $5,000 to $25,000 per month from Visa. It may seem expensive for merchants to install and maintain new security measures to become PCI compliant and validated, but these costs are only a fraction of what it would cost a company to be found in non-compliance or suffer a data breach. Learn more about PCI DSS compliance and how NeoSpire Managed Hosting can help.
Published By: Tripwire
Published Date: Mar 31, 2009
How do organizations pass their PCI DSS audits yet still suffer security breaches? Paying attention to PCI DSS checklists only partially secures the cardholder environment. Learn the next steps for fully securing your data.
Engagement with customers online has evolved from novelty to necessity, with an estimated $202 billion spent in 2011 and projected 10% growth to $327 billion in 2016, according to Forrester Research. Businesses are maneuvering to connect with the growing pool of online customers, but the move to eCommerce brings new security risks with the exchange of sensitive consumer information, including cardholder data and personally identifiable information that can enable identity theft. At stake is reputation of brand, ongoing access to merchant credit lines, and substantial penalties and remediation in the event of a breach.
This white paper elucidates the aspects of PCI DSS (Payment Card Industry Data Security Standards) compliance that must be considered when choosing a secure environment for servers involved in eCommerce. Whether deciding to outsource or keep data hosting in-house, any company collecting, storing or transmitting customer cardholder data needs to be compliant, and this document helps pinpoint the specific concerns and standards a company should be aware of when choosing how to keep their data secure. Understanding requirements and best practices for security policies and procedures, physical safeguards, and security technologies is essential to establishing cardholder data security and meeting QSA and SAQ audit requirements.
DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.
Our portfolio of live events, online and print publishing, business intelligence and professional development brands are centred on the complexities of technology convergence. Operating in 42 different countries, we have developed a unique global knowledge and networking platform, which is trusted by over 30,000 ICT, engineering and technology professionals.
Data Centre Dynamics Ltd.
102-108 Clifton Street
London EC2A 4HW