With high-profile credit card breaches such as the TJX debacle in the news, the PCI Data Security Standard is top of mind for corporate IT executives. Unfortunately, with the buzz comes a new mythology. PCI is often misunderstood, causing confusion among those who must comply with the standard. This has resulted in numerous myths that value-added resellers (VARs) and service providers are likely to hear from clients. Let's look at five common myths surrounding PCI compliance to help you set the record straight.
Five myths of PCI compliance
Introduction to the myths of PCI compliance
Myth 1: PCI is hard
Myth 2: PCI will make us secure
Myth 3: Encryption is scary
Myth 4: "I don't take enough credit cards…"
Myth 5: Product X will make me compliant
About the author
John Kindervag is a 20-year veteran of the high-technology world. He is the senior security architect for Vigilar Inc., where he helps corporations design secure networks and manages Vigilar's Vulnerability Assessment and Compliance Practice. Kindervag holds a Bachelor of Arts degree in Communications from the University of Iowa.