Author: Terry Kurzynski, ISO 27001 Auditor, CISSP, CISA, PCI QSA
As we rang in the New Year, the transition year for PCI v3.0 compliance came to a close. All businesses are now required to be compliant with version three of the PCI Data Security Standard (DSS). But did you know that a handful of the requirements are still considered best practice until they become full requirements on July 1, 2015? The following is a quick summary of those four requirements; and you still have a few more months to fully implement them:
If your organization has already implemented one or all of these requirements, you are ahead of the curve…but don’t be left behind! If you have not implemented requirements 8.5, 9.9, 11.3 and 12.9, you need to start thinking about it now so that you’re in full compliance by June 30, 2015. Need help? Download our PCI v3.0 Guide located in our Resource Center for more information!
Get Ready for PCI DSS v4.0
For PCI recommendations on payment processing with newly remote workers, PCI SSC suggests a review of key areas to protect payment card data. Read Article: Payment Processing in a Remote Working Environment