Refresh Your PCI Compliance Strategy and Get Ready for 4.0
2020 will be an eventful year in the world of payment card security. PCI DSS compliance declined for the fourth consecutive year in 2019, while data breaches continued to make headlines. With an updated set of requirements on the horizon, organizations with PCI obligations should be taking a close look at their compliance strategies and technology.
A new impact brief from Aite Group provides key insights into the current state of PCI DSS compliance, and takes a look at how automated data redaction can help organizations prepare for PCI 4.0, which is expected to be released in late 2020.
Dealing with PAN
The most important question facing retailers, banks, and other companies in the payment card ecosystem is how to handle personal account numbers (PAN). PCI standards require PAN to be protected at all times, which leaves organizations with a difficult choice. The more PAN an organization maintains in its systems (especially in the form of unstructured data), the more complicated and expensive security becomes. But without access to account data, organizations can disrupt critical business processes like market analysis and secondary transactions.
In the paper, Aite Senior Analyst Joe Krull examines how organizations are approaching the problem of PAN protection today, and how the revised requirements anticipated in PCI DSS 4.0 may change the picture.
The case for redaction
The Aite paper also describes how redaction solutions like PKWARE Data Redaction can help organizations manage PAN data and meet their PCI compliance goals. By automatically removing the middle digits from credit card numbers in unstructured data (such as spreadsheets, documents, and PDFs), PKWARE can protect PAN from unauthorized use and remove data from the scope of PCI audits.
Aite's Impact Brief, Refresh Your Payment Card Industry Compliance With Automated Redaction, is available as a free download courtesy of PKWARE.