Magazine Article | January 19, 2012

Can A Managed Network Service Simplify PCI Compliance?

Source: Innovative Retail Technologies

February 2012 Integrated Solutions For Retailers

By Darrin Henry, vice president of sales engineering, United Network Services, Inc. (UNSi)

Merchants are utilizing managed network services to reduce costs and simplify PCI compliance.

Four of the six components of the PCI DSS (Data Security Standard) concern one area of a merchant’s IT infrastructure — the network. Merchants are required to:

  • Build and maintain a secure network.
  • Encrypt transmission of cardholder data across open, public networks.
  • Implement strong access control measures.
  • Regularly monitor and test networks.

Merchants spend money on routers and firewalls, network access points, and intrusion detection/prevention systems. They also spend time and money to hire experts to configure the network to meet compliance standards and to manage the network to ensure that it remains that way. They pay the assessors to scan the network for vulnerabilities, and they pay again to fix configuration or other technical issues if a problem is found.