PCI Outlines New Version of Standards
Digital adaptation has accelerated greatly during the pandemic and has now become the preferred means of payment for consumers and companies. As a result, the landscape is filling with additional fraud as more data needs to be shared and stored securely.
Consequently, regulators are now subjecting companies’ security practices to greater scrutiny to ensure they are addressing cyber threats to minimize risks and keep customers’ payment card data safe. Compliance standards and data security standards like the Payment Card Industry Security Standards Council (PCI SSC) have been central to explaining to companies what they need to do to protect themselves and their customers with their Payment Card Industry Data Security Standards (PCI DDS).
PCI DDS Outlines New Version of Standards
Version 4.0 of the standards has been designed to continue to meet the security needs of the complex and ever-changing payments industry. This new version boasts some of the most significant changes since 2004, including promoting security as a continuous process and no longer sampling where automation allows the assessment of every network device.
For many businesses, the changes will mean re-evaluating processes and investing in security automation and vulnerability management software to identify risk. However, for companies that have previously treated compliance as an annual tick box, the new protocols require a complete change in mindset and approach to embrace the following best practices and improve network security.
Complying with New Standards Should Be Priority
To meet the recommendation of continued security, adopting a zero-trust mindset is a wise step for all companies. Below are some tips on how to do that:
- Ensure network devices inside the perimeter (switches and routers), as well as those securing the perimeter (firewalls), are verified.
- Implement network segmentation to prevent a breach spreading across the entire network.
- Use automation to assess every network device, every day, where it’s allowed, and it will help meet compliance standards on a continuous basis.
Learn About i3 Merchant Solutions’ PCI Compliance
Contact us online or call 1-800-621-8931.
Subscribe to Card Talk
Our monthly newsletter delivers the latest payments news straight to your inbox