PCI and Data Security: The Prioritized Approach and a Look Ahead
In March, 2009, the Payment Card Industry (PCI) Council introduced a Prioritized Approach to its Data Security Standard (DSS), incorporating five years of industry experience into its recommendations. The prioritized approach helps firms optimize their efforts to reach an industry-standard threshold for information security. But experience proves that DSS compliance alone is no assurance of data protection. By following a few basic principles, organizations can align DSS compliance initiatives with information-security technologies and expertise that have proven their value in the Payment Card Industry and beyond.