By Judy Greenwald, Crain News Service
WAKEFIELD, Mass. (Aug. 12, 2014) — The payment card industry’s regulatory organization has issued guidance to help merchants and others reduce credit card security risks.
Businesses are rapidly adopting a third-party operations model that can put payment data at risk, the Wakefield -based PCI Security Standards Council L.L.C. said Aug. 7 in a statement.
It said the guidance will help organizations and their business partners reduce this risk by better understanding their respective roles in securing card data.
It said the guidance developed by a PCI special interest group of 160 organizations including merchants, banks and third-party service providers provides recommendations for meeting the PCI data security standard requirement to ensure payment data and systems entrusted to third parties are maintained in a “secure and compliant manner.”
Most retailers are complying with this standard, says an expert.
PCI said the guidance includes recommendations on how to:
• Conduct due diligence and risk assessment when engaging third-party service providers to help organizations understand the services provided and how the PCI data security standard requirements will be met by those services.
• Implement a consistent process for engaging third parties that includes setting expectations, establishing a communications plan, and mapping third-party services and responsibilities to applicable PCI data security standard requirements.
• Develop appropriate agreements, policies and procedures with third-party service providers that includes considerations for the most common issues that arise in this type of relationship.
• Implement an ongoing process for maintaining and managing third-party relationships throughout the lifetime of the engagement, including the development of a robust monitoring program.
To view the “Third-Party Security Assurance Information Supplement,” click here.
This report appeared on the website of Crain’s Business Insurance magazine, a Chicago-based sister publication of Tire Business.
Titan International and the United Steelworkers union have petitioned the U.S. International Trade Commission and U.S. Department of Commerce seeking relief from OTR tire imports from China, India and Sri Lanka. What’s your opinion?
|I wholeheartedly support their action – something needs to be done.||
|I think it’s a bad idea that could inevitably tie the hands of domestic tire makers.||
|I oppose any duties against tire importers—they only raise costs for distributors and make it harder to obtain inventory.||
|I’m kind of on the fence and not sure what’s right, but need more information before deciding.||
|I don’t really care whether or not relief is granted.||
|Total votes: 78|