Study Shows Businesses Face PCI Challenges
Vendors say tools that are easy to manage and deploy will help businesses achieve and maintain compliance.The Sept. 30 deadline set by Visa USA for large enterprises to comply with the Payment Card Industry Data Security Standard is looming. But even with the deadline so close, a study commissioned by EMCs security division found that many businesses are still struggling to make the grade. The study for RSA Securityperformed by Forrester Consulting, which surveyed 677 organizations across the Unite States and Europefound businesses are facing a number of challenges in achieving compliance. Forty-six percent of respondents admitted having a lack of appropriate access management measures in terms of access control, identity management and physical security. Nearly 40 percent reported a lack of appropriate monitoring and testing, while 36 percent admitted deficiencies in appropriate infrastructure management measures such as firewalls and anti-virus.
"The No. 1 thing we took away from this research is that while companies are, indeed, seeking specific products and services to address PCI DSS compliance, most merchants are looking for more than a handful of point solutions," said Dave Howell, solutions marketing manager at RSA, in Bedford, Mass. "Vendors also have an opportunity to help merchants think beyond PCI. RSA, for example, will help customers understand how the efforts they expend now may be leveraged to improve better security overall.