Dell SecureWorks Launches Resource Center To Help Organizations Become PCI Compliant And Strengthen Security
Dell SecureWorks, an industry leader in information security services,
has launched a new
Compliance Resource Center to help organizations meet and maintain
compliance with the Payment Card Industry Data Security...
Dell SecureWorks, an industry leader in information security services, has launched a new PCI Compliance Resource Center to help organizations meet and maintain compliance with the Payment Card Industry Data Security Standards (PCI DSS), and to help strengthen their overall security posture. PCI DSS requires any organization that transmits, processes or stores payment card information to protect the privacy and confidentiality of that data. The PCI Compliance Resource Center features a wide range of white papers, videos and webcasts that address PCI challenges, PCI DSS remediation, and consulting and information security services offered by Dell SecureWorks. PCI standards require organizations to build, maintain and monitor a secure network to protect cardholder data, as well as maintain a vulnerability management and information security program. Common challenges for merchants include identifying and segmenting cardholder data, assessing their current state of compliance, remediating any problems that are found, and maintaining ongoing compliance. Regardless of how many transactions they process, merchants must demonstrate PCI compliance annually. Those that are not PCI compliant can face steep fines from their acquiring banks, and in some cases, have their payment card privileges revoked. Fines can range from $2,000 to more than $100,000 per month for PCI compliance violations, plus additional fines for repeat violations, depending on the merchant’s acquiring bank. To demonstrate ongoing compliance, organizations must submit annual Reports on Compliance (ROC) or Self-Assessment Questionnaires (SAQs), and must scan their networks at least quarterly for security vulnerabilities. Although maintaining a PCI compliant status can prevent organizations from being fined, it is not enough to protect merchants from data breaches. “Many organizations mistakenly believe that once they are compliant their corporate networks are secure, but many companies that were PCI compliant have been breached,” said John Cartwright, Security Systems Principal Consultant, Dell SecureWorks. “In reality, when you take care of information security issues first, becoming PCI compliant should fall into place. And when you understand security and can accurately interpret the PCI requirements, you can find cost-efficient ways to meet them.”