| Do you store sensitive credit card data
| |
| | money to stay compliant and up-to-date
|
| on your company's own internal system? If
| |
| | with current security measures. This also
|
| so, are you absolutely certain that it is
| |
| | implies a need for constant monitoring
|
| sufficiently protected? And are you
| |
| | and management and a plan of action in
|
| really sure that you understand the
| |
| | case you do detect suspicious activities
|
| consequences of suffering a security
| |
| | or a full security breach.
|
| breach?
| |
| | The unfortunate truth is that in the
|
| The unfortunate thing is that many
| |
| | daily grind of regular business, many
|
| companies, even large national chains,
| |
| | companies simply don't have the time or
|
| are not properly guarded or prepared for
| |
| | resources to devote to data security that
|
| the consequences of insufficient
| |
| | are, in truth, very necessary.
|
| security. These companies have spent
| |
| | The major benefit of remote storage,
|
| millions of dollars to implement security
| |
| | then, is that you are trusting this
|
| measures and still they suffer breaches.
| |
| | information to a company whose business
|
| New solutions were needed to cover some
| |
| | is making sure that it all remains safe.
|
| of the loopholes that had a tendency to
| |
| | Nothing else gets in the way of securing
|
| crop up in conventional security methods.
| |
| | their systems because their entire
|
| Remote storage of credit card data is one
| |
| | business depends on effectively guarding
|
| of the easier and more obvious choices
| |
| | your sensitive information.
|
| for data security.
| |
| | Now consider all the other ways that
|
| Remote storage of credit card data is
| |
| | sensitive information can be compromised
|
| also a great way to meet PCI compliance.
| |
| | on your own system. Remember, threats
|
| The PCI DSS (Payment Card Industry Data
| |
| | don't just come from outside your
|
| Security Standard) was developed to help
| |
| | company. It only takes a single,
|
| guide companies in their efforts toward
| |
| | ethically questionable employee on the
|
| implementing sufficient security. Now any
| |
| | inside to cause a lot of problems.
|
| company that processes, stores, or
| |
| | There are a couple of requirements in the
|
| transmits credit card information is
| |
| | PCI DSS that were created to deal with
|
| required to become PCI compliant, but
| |
| | this very issue. For example, the seventh
|
| this process can be a time consuming and
| |
| | requirement states that you must
|
| costly procedure. But remote storage of
| |
| | "restrict access to cardholder data by
|
| credit card data is one solution to a
| |
| | business need-to-know", and the ninth
|
| number of the PCI DSS requirements.
| |
| | requirement mandates that you "restrict
|
| The first and most obvious benefit to
| |
| | physical access to cardholder data."
|
| remote storage of credit card data is the
| |
| | In any given company there are some
|
| simple fact that criminals can't steel
| |
| | specific people who need access to this
|
| something from you that you don't
| |
| | sensitive information. But unfortunately,
|
| actually have. No matter what security
| |
| | in many given companies, many unnecessary
|
| measure you implement, chances are
| |
| | people have access to this information.
|
| there's someone out there just a couple
| |
| | And should any of those people happen to
|
| steps ahead of all the current security
| |
| | have criminal inclinations, you could be
|
| systems. In these cases, they find little
| |
| | in a lot of trouble. These are the people
|
| holes in the system and, if you aren't on
| |
| | who have physical access to your systems,
|
| constant guard, they'll get in and cause
| |
| | and these are the people who are most
|
| some serious damage. But if there's
| |
| | likely to find or steal encryption keys.
|
| nothing there for them to take, there's
| |
| | Remote storage of credit card data is a
|
| no reason for them to stick around.
| |
| | simple way to remove this sensitive
|
| Which brings up another benefit to remote
| |
| | information from the prying eyes and
|
| storage systems. If you're going to store
| |
| | reaching hands of people who should not
|
| and manage sensitive information on your
| |
| | have it. It is possibly one of the best
|
| own system then you must be prepared to
| |
| | ways to ensure data security and get
|
| spend all the necessary time, effort, and
| |
| | closer to PCI compliance.
|
