Insight given into PCI DSS changes

The Payment Card Industry Data Security Standard (PCI DSS) is to face a number of changes in November, which companies will need to be aware of.

A preview of the new standards has been made available by the PCI Security Standards Council (PCI SSC), which it says will help companies be more flexible in their approach to security.

General manager of PCI SSC Bob Russo explained that although many organisations now have a good understanding of the regulations, implementation remains one of the biggest obstacles.

He continued: "The challenge for us now is providing the right balance of flexibility, rigor and consistency within the standards to help organisations make payment security business as usual. And that's the focus of the changes we're making with version 3.0."

Among the changes set to be included in the update are new requirements for point-of-sale terminal security, as well as increased education surrounding password strength and complexity.

Further to this, there will be more stringent requirements for penetration testing and validating segmentation as a result of the revised PCI DSS.

The finalised version will be published on November 7, with the standards due to come into force on January 1 next year.
