Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Compliance Deadline Passes For Level 1 Merchants in the UK

Lumension Security : 01 October, 2010  (Technical Article)
Certain retail companies in the UK now have to conform to revised PCI compliance guidelines as explained by Lumension
UK Level 1 Merchants that accept Visa payments and process more than 6 million transactions annually will need to comply with the original v1.2 PCI guidelines by September 30 2010. The deadline means Level 1 merchants must demonstrate that they are fully compliant or risk being fined for non-compliance. This deadline comes as European director for PCI, Jeremy King, is raising awareness of PCI across Europe.

Alan Bentley, SVP International at endpoint security firm, Lumension, commented: "PCI compliance might have been around for some time, but merchants are still struggling to get their heads around the requirements. The September 30th deadline is mandating that Level 1 merchants now comply with the original v1.2 guidelines. However, the compliance puzzle doesn't end there. Version 2.0 is just around the corner. Meaning, merchants not only need to be concerned about their ability to prove compliance with v1.2, but with the steps they need to take to get to the next stage of compliance.

"All too often, organisations fall into the compliance trap and focus all their efforts on meeting the requirements of a new deadline, without thinking about the bigger picture. This broken compliance strategy is not only costly, but ineffective when it comes to security. Taking a myopic view of regulatory compliance creates a situation where merchants are constantly reinventing the wheel, wasting time and effort, and ultimately blowing security budgets.

"Merchants must avoid detaching Risk Management from compliance. PCI standards are designed as a starting point to helping build a strong security posture, but are specifically concerned with payment card data. To achieve true, continuous security across all aspects of the organisation, merchants should consider the following:

* Avoid a silo approach - don't separate compliance and risk management
* Gain visibility across security controls and regularity compliance
* Ensure processes are manageable, automated and repeatable to enable 24x7x365 compliance and security
* Enforce security policies with operational endpoint management
* Prevent the execution of malicious code by allowing only approved applications to run in an environment - this can be achieved with intelligent whitelisting
* Centralise data gathering to ease compliance reporting and audit workflows
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo