Storing and Transferring Data in the Cloud (Securely): Myth or Reality?
By
Steve Hess
Facebook
Facebook
Twitter
Twitter
LinkedIn
LinkedIn
Email
Email
1 Comment
Comments
1. Understand the difference between PCI compliance and certification. It may sound obvious, but this is one of the biggest — and most important — things businesses must understand in order to protect themselves and their customers:
- PCI compliance is a self-assessment that can be reviewed and confirmed by an audit. This status is claimed by almost every financial services company. Even some companies not in the industry use this as a benchmark.
- PCI certification is the time- and resource-intensive third-party assessment that must be reviewed and confirmed by an audit. Traditionally, this was only relevant for level-one service providers (i.e., the big-time players).
While annual PCI certification is a top priority for many companies (taking up valuable time and resources), it's important that an IT team remain vigilant in PCI compliance throughout the year.
1 Comment
View Comments
Steve Hess
Author's page
Related Content
Comments