Myth 5: Project X will make me compliant

By John Kindervag

Human nature is such that we look for the easy way out of problems. Product manufacturers understand this. Every product manufacturer worth its salt has a whitepaper on how they will make an organization compliant. Some of these whitepapers have good, comprehensive information that can help IT staff make responsible decisions related to mitigating gaps in their PCI status. Other vendors overstate their claims and promise much more than they can deliver.

Download this free guide

Could Securing Your Channel Business Be Easier? We Can Help.

Download our latest guide to the top strategies solution providers can leverage for starting up and securing a cloud practice, successful approaches to selling and marketing cloud, and why it is urgent for partners to transition now.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

PCI has 12 sections with many details within each requirement that must be met. Unfortunately no single product, or even a single vendor, can supply all of the "stuff" needed to become fully compliant.

The company who becomes PCI compliant will have a holistic security strategy that focuses much more on the big picture related to the intent of the requirements, than a point product focus that will create a management nightmare in the future.

Beware of the overpromising vendor.

Conclusion

The PCI Data Security Standard is neither difficult nor frightening. As you know, it is a positive, measured response to an enormously difficult and dangerous problem. As your client's trusted adviser, you can help them understand the value of compliance.

Five myths of PCI compliance

  Introduction to the myths of PCI compliance
  Myth 1: PCI is hard
  Myth 2: PCI will make us secure
  Myth 3: Encryption is scary
  Myth 4: "I don't take enough credit cards…"
  Myth 5: Product X will make me compliant