Retail stores' IT requires PCI compliance and beyond

Retail stores' IT requires PCI compliance and beyond

Compliance with PCI data standards is not optional. Making sure customer payment data is secure is one of a company's central responsibilities as a retail outlet. According to Convenience Store Decisions, however, optimal IT security uses PCI compliance as a baseline rather than a final destination. The source noted that there are several new security products available to protect payment card data at the point of sale and beyond.

PCI as a baseline

Jeremie Myhren, retail director of information technology at Road Ranger, told the source that many of the tenets of the PCI code are common-sense procedures that retailers should be following rather than arcane or specific rules. He noted that new encryption systems may help companies become more secure than they would be with baseline compliance requirements met.

According to the source, the benefit of maintaining a compliant and complex data security system ties in with the mentality of cybercriminals. Many high-tech thieves, it asserted, are members of organized crime rings operating high-volume operations and will simply ignore any company with good defenses rather than engage in a continuous effort to break into the systems.

Companies developing their own applications for transaction, a large group in the current app-based marketplace, need to make sure their systems are ready to keep data safe. This could mean application security services from a third-party vendor, especially if the developing company is too small for an internal security team.

Slight changes in compliance

There are numerous problems that can compromise a company's compliance and security strategy. Dark Reading recently singled out some of the more common problems present in the industry. The source noted that some companies do not engage in tests and assessments before sending the application to the PCI council for testing. One problem could make an audit go poorly, meaning companies can greatly increase their chances for success with a detailed check.