Home > Myth 5: Project X will make me compliant
Top 5 Myths:
EMAIL THIS

Myth 5: Project X will make me compliant

13 Aug 2007 | SearchSecurityChannel.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

By John Kindervag

Human nature is such that we look for the easy way out of problems. Product manufacturers understand this. Every product manufacturer worth its salt has a whitepaper on how they will make an organization compliant. Some of these whitepapers have good, comprehensive information that can help IT staff make responsible decisions related to mitigating gaps in their PCI status. Other vendors overstate their claims and promise much more than they can deliver.

PCI has 12 sections with many details within each requirement that must be met. Unfortunately no single product, or even a single vendor, can supply all of the "stuff" needed to become fully compliant.

The company who becomes PCI compliant will have a holistic security strategy that focuses much more on the big picture related to the intent of the requirements, than a point product focus that will create a management nightmare in the future.

Beware of the overpromising vendor.

Conclusion

The PCI Data Security Standard is neither difficult nor frightening. As you know, it is a positive, measured response to an enormously difficult and dangerous problem. As your client's trusted adviser, you can help them understand the value of compliance.


Five myths of PCI compliance

  Introduction to the myths of PCI compliance
  Myth 1: PCI is hard
  Myth 2: PCI will make us secure
  Myth 3: Encryption is scary
  Myth 4: "I don't take enough credit cards…"
  Myth 5: Product X will make me compliant
About the author
John Kindervag is a 20-year veteran of the high-technology world. He is the senior security architect for Vigilar Inc., where he helps corporations design secure networks and manages Vigilar's Vulnerability Assessment and Compliance Practice. Kindervag holds a Bachelor of Arts degree in Communications from the University of Iowa.

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Regulatory Compliance
Red Flags Rules compliance: Are your customers informed?
PCI compliance guide: A resource for solution providers
PCI DSS pre-assessment services: Prelude to a QSA
The impact of PCI compliance on the channel
Compliance drives opportunities for security integrators
How to turn the HIPAA compliance changes into opportunities
Data protection services offer revenue for security solution providers
Agiliance and McAfee partner for better governance, risk and compliance services
SonicWall announces partnership with Western NRG
Building a framework-based compliance program

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


HomeNewsTopicsITKnowledge ExchangeTipsMultimediaWhite PapersBlogsEvents
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2006 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts