.puters-and-Technology The payment card industry PCI data security norms have been built by the major credit and debit card .panies. These set of tools are guidelines for those merchants who store the cash card data, process it and transmit credit towards them. In the recent times there have been situations of high profile security breaches. This has lead to the customers paranoid as they think that the merchants have not implemented enough security to protect the sensitive data. Being in par with this payment card industry data security standards is indeed tough. It is also time consuming and a difficult tasks besides being an expensive endeavor too. To motive the online business ventures to follow these rules they have attached some benefits and incentives to it. Fines and penalties too have been imposed so that the requirements are fulfilled. The documentation of payment card industry security standard policies and the procedure of documentation is a critical .ponent. Most of the online ventures know the importance of .plying with these. The assessment process is a large part of the security policy. The other problems regarding this are that most .panies do not have the internal resources nor do they have time to develop the PCI standards. Many of them even fail to understand the policy too. The recent payment card industry security version (1.2.1) calls for various documentations of the PCI policies on a wide range of I.T resources. There are various requirements which need to be fulfilled. Among them the notable ones are- Data retention and disposal policy The password management regulations The antivirus policies and procedures Changing the management guidelines These sets of security standard are maintained so that the online ventures can prevent hackers breaking into their sites and stealing the confidential data which are stored. There are many such policies which these e.merce portals have to abide by which if not followed may lead to various penalties like paying huge fines and also discontinuation of their ventures. Some other policies which these .panies have to abide by are Formal Risk assessment and risk management programs Various security awareness programs The incident response plan Usage policies for the en-uses technology A list of IT roles, responsibilities and requirements for the various personnels Lot of hard work is required in drafting, assessing, revising and publishing of the documents. This is the reasons why most of the merchants and business seek help of specialized people to help them in the .pletion of the tasks. These specialized ones know exactly about the various payment card industry standards. The specialists not only help in drafting the policies and standards but along with that update it time to time. These consultants charge high fee for documentation of the policies which be.es difficult for many .panies. Indeed there is an alternative to hiring these consultants. The .panies can purchase the standard templates from a reputed vendor. About the Author: 相关的主题文章: