11:47 AM
Nancy Feig
Nancy Feig
Connect Directly

Data Security Firms Establish PCI Security Vendor Alliance

Organization aims to develop, raise awareness of payment card standards.

Eight data security companies have formed an alliance to educate the business community on the requirements and the business value of the Payment Card Industry Data Security Standard (PCI DSS). The new Payment Card Industry Security Vendor Alliance (PCI SVA) will develop products and services to assist members of the payment card industry and the PCI Security Standards Council composed of merchants, banks and point-of-sale vendors in education and compliance about the standard, a global benchmark intended to improve security throughout the entire payment card transaction process.

The PCI DSS is built around five principles and 12 accompanying requirements. The principles include: build and maintain a secure network, protect cardholder data, maintain a vulnerability management program, implement strong access control measurements, regularly monitor and control networks, and maintain an information security policy.

Founding members of PCI SVA ConfigureSoft Inc., Cyber Ark Inc., Modulo Security, Proginet Inc., Protegrity USA Inc., Reflex Security, SafeNet Inc., and Verisign will also support the business community by providing flexible PCI Data Security Standard solutions to address the needs of system integrators and business users. According to the group's Web site, each of the founding members is a vendor that offers products and/or services that deliver compliance with one of more of the 12 PCI DSS. The groups also says its looking for additional members that will provide all the data functionality required by the PCI DSS.

"Even with all the press on data security breaches and the corporate and personal costs that accrue from them, there is still only limited awareness of the PCI data security standards," said Jon Oltsik, senior analyst, Enterprise Strategy Group. "The standards impose compliance rules that enterprises handling credit or debit card data must resolve from business and technology perspectives. The PCI SVI is a valuable component in addressing this issue holistically."

To demonstrate the business value of PCI DSS solutions, and their value in meeting other regulatory privacy and data security directives, the PCI SVA also plans to create a series of case studies, seminars, return-on-investment analyses and white papers showing how organizations may achieve compliance with the PCI DSS requirements efficiently and on budget.

Because the PCI DSS requirements are so detailed and market-stringent, the alliance advocates compliance to PCI DSS in meeting the numerous state, national and regional laws governing other business activities concerning systems security and privacy.

PCI SVA members plan to leverage this knowledge to support and complement the objectives of Visa, MasterCard, American Express, Discover and JCB in securing the sensitive data processed by their merchant partners.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology
BS&T's 2014 Elite 8 executives are leading their banks to success, whether it involves leveraging the cloud, modernizing core systems, or transforming into digital enterprises.
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.