Minnesota State Spearheads PCI DSS Legal move
In a major development, with potentially huge impact on the data security practices of companies worldwide, Minnesota has become the first state in the USA to enact into law a key component of the Payment Card Industry Data Security Standard (PCI DSS).
Until this ruling, non-compliant organisations faced the threat of severe fines and restrictions, but the choice of whether or not they implemented a compliance programme was ultimately their own.
Now, for the first time, a refusal to follow major aspects of PCI DSS will be considered a criminal offence, and Minnesota’s lead looks likely to start an avalanche of similar PCI DSS related Acts, with California and Texas amongst those close to implementing similar measures.
The implementation of such PCI DSS-related legal Acts is hard evidence of the increasing importance with which government and corporate organisations view credit card data security. It seems that the Payment Card Industry DSS is very much here to stay, and organisations that refuse to implement its common sense protective measures may increasingly find themselves in an untenable position.
The importance of maintaining absolute security with regard to credit card data cannot be overstated. As Visa warned in its August 2006 bulletin, “With little effort, a duplicate card can be created using track information that will appear indistinguishable from the original card during the authorization process.”
In response to increasing demand, leading UK Information Security company 7Safe has developed the PCI Fundamentals training course. This comprehensive, yet very accessible one day exploration of PCI DSS is designed to give attendees the knowledge and confidence to immediately make informed decisions on every aspect of the standard.
It is an ideal course for those companies that are not yet compliant, but who take the security of their data seriously and want to know how to proceed swiftly and effectively with their own compliance programmes.
7Safe is one of only a handful of UK companies that have been awarded Qualified Security Assessor status by the PCI Security Standards Council, and they also have a proven heritage in all relevant aspects of Information Security consulting, auditing and education.
The next PCI Fundamentals course will take place on the 25th July 2007, at 7Safe’s state-of-the-art training facility in Cambridge. To book a place on this course, or to book a bespoke version of the course at a location of your choice, call 7Safe on 0870 600 1667