As a good QSA will tell you, such security standards are meant to be a baseline. Good organizations go beyond cramming for annual PCI reviews. WHAT IS PCI?The Payment Card Industry Data Security Standards “are the floor, not the ceiling” for data secruity, says Martin McKeay, a qualified security assessor (QSA) and author of the Network Security Blog. COMPLIANCE IS ONLY PHASE ONE.McKeay says some merchants only do the minimum to comply with PCI and thinks QSAs need to teach businesses that these standards are only a baseline. “There are those who see it as a pain.” ASSESSMENTS CAN BE SUBJECTIVE.McKeay emphasizes that PCI assessments aren’t clear-cut audits because many standards are open to interpretation. That makes it doubly important that you establish a good relationship and clear lines of communication with your QSA. NARROW THE SCOPE, IF POSSIBLE.You are required to assess everynetwork and system that comes in contact with credit card data. You can save yourself headaches by segmenting your network to keep that number to a bare minimum. ALLOW SUFFICIENT TIME FOR AUDITS.If you don’t allow time for the for the QSA to review your documentation, as well as for you to remedy any problems, you could put yourself in the position of begging your bank for an extension. Related content brandpost Sponsored by Rocket Software Why data virtualization is critical for business success Data is your most valuable resource—but only if you can access it fast enough to address present challenges. Data virtualization is the key. By Milan Shetti, CEO of Rocket Software Nov 28, 2023 4 mins Digital Transformation brandpost Sponsored by Rocket Software The hybrid approach: Get the best of both mainframe and cloud Cloud computing and modernization often go hand in hand, but that doesn’t mean the mainframe should be left behind. A hybrid approach offers the most value, enabling businesses to get the best of both worlds. By Milan Shetti, CEO Rocket Software Nov 28, 2023 4 mins Digital Transformation brandpost Sponsored by Rimini Street Dear Oracle Cloud…I need my own space Access results from a recent Rimini Street survey about why enterprises are rethinking their Oracle relationship and cloud strategy. By Tanya O'Hara Nov 28, 2023 5 mins Cloud Computing brandpost Sponsored by Rimini Street How to evolve IT systems into innovation engines Today’s IT leaders are more than eager to modernize with best-fit cloud solutions that drive innovation and rapid business impact, but they need to do so with ROI-based solutions. By Tanya O'Hara Nov 28, 2023 4 mins IT Leadership Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe