Today more than two thirds of all payment transactions will use a card, meaning around $20 trillion in purchases will be on plastic by the end of 2015. This makes security an increasing priority for any business that handles card payments and data.
Earlier this year Verizon’s 2015 PCI Compliance Report highlighted that 80% of businesses will fail their interim PCI check. But why would that be? What factors could change so significantly in that time?
Verizon claim the problem is due to organisations not knowing PCI DSS but you would think that after six years and three versions most would have an overall understanding of the requirements. And they already were compliant, what could change so much in that time?
Only technology moves that fast. The challenges of maintaining the segregation and security of card data are caught up in a world of shadow IT, cloud computing and mobile devices that can access networks from anywhere. Unless systems that hold payment data are adequately separated from all this other noisy and very connected technology it’s not surprising that organisations will struggle to stay compliant.
There is no doubt that increasing visibility of how systems are being accessed and used across a network can help you protect that card data and also prove compliance.