White paper answers questions about PCI DSS

White paper answers questions about PCI DSS

With many businesses seemingly confused about certain aspects of PCI DSS, Securosis has put out a white paper on how to implement tokenization, meet PCI compliance and lower costs for a business.

"Tokenization is highly effective for lowering both risk and the cost of PCI compliance through scope reduction, as evidenced by forward-thinking retailers that have already reaped the benefits of this relatively new data security model," said Christopher Hale, VP Product Marketing at Liaison. "The new guide from Securosis succinctly spells out for merchants the 'whys' and 'hows' of tokenization in no-nonsense language. We encourage merchants, auditors and QSAs to download it today to clearly understand what steps they should take to start reaping the unique benefits of tokenization, as well."

Questions asked and answered by the white paper include "what are the audit guidelines" and "what falls out of scope?". The report's author, Adrian Lane, analyst and CTO at Securosis, has experience in the field and tries to impart it to the reader, the company said. In addition to advice, the paper includes tools such as a tokenization audit checklist.

Many businesses and executives may need a refresher course on how to have data security for a business credit card system, as Gartner recently pointed out that about 18 percent of businesses are not following PCI compliance guidelines.