HORIZONS SANDERSON
PCI DSS IN 2010
ARE YOU COMPLIANT?
Stephen Horton outlines his thoughts on what impact the Payment Card Industry Data
Security Standards (PCI DSS) are likely to have this year
Resident PCI expert at Sanderson RBS, Horton told Retail Technology what he expects from the PCI Council in 2010:
“The deadline for Level 1 and 2 merchants to be PCI ‘compliant’ is 1 July 2010, so we expect significant activity in this area in the early part of this year.
“2009 saw a number of companies facing fines following data breaches. So, we therefore anticipate that the PCI Security Standards Council will continue in its quest to further protect consumers from data theft and fraud. However, there is still confusion among retailers as to what PCI compliance entails and the plethora of supposed ‘compliant’ solutions within the marketplace has done little to alleviate this confusion.”
Understanding and achieving compliance
“The grouping of retailers is based upon the number of credit card transactions processed each year, and the procedures each must follow for compliance are based upon this grouping,” Horton explained. “Each retailer’s acquirer should inform them which group their business is within, and therefore what they will need to do to be compliant – Level 1 or 2 merchants will need to act quickly to meet the deadline.
“To date, two PCI Data Security Standards have been released; the third is expected in October 2010. Adherence to the Standards is mandatory and non-compliance can lead to substantial fines and, in some cases, the withdrawal of acquiring services, which could be potentially devastating to a business. All retailers should therefore be talking to their banks and working with their IT suppliers to address their data security issues, to protect themselves and their customers from fraud.”
Recognising the importance of PCI, Sanderson joined the PCI Security Standards Council as a Participating Organisation in 2009 and Horton represents Sanderson and its clients at Council meetings.
MAINTAINING A SECURE ESTATE
PCI standards are set by the PCI Security Standards Council to help protect consumers, businesses and banks from theft of data. Therefore, the ultimate PCI goal for retailers is to maintain a secure estate.
As a participating organisation within the Council, Sanderson has developed eSecure: a
solution that is proven to effectively protect retail business systems from attack by placing a
virtual shield around their estate.
An ‘agent’ is deployed to each device and the estate is secured and ‘locked down’. Logs
are collected and delivered to a secure off-site facility, where full 24-hour monitoring takes
place. If a breach is attempted, it will be detected and resolved; ensuring your business and
customers are protected from data theft.
For more information on eSecure, contact Sanderson RBS on 024 7655 5466.
JANUARY/FEBRUARY 2010 RETAIL TECHNOLOGY