Is Retail Data Security Really That Tricky?

As the retail industry struggles with data security standards, our panel of experts suggests that attaining PCI DSS (Payment Card Industry Data Security Standards) compliance isn't, in fact, all that hard.

The retail industry's effort to bolster enterprise and network security is fueled by recent high-profile security breaches that have put consumer credit accounts – not to mention identities – at risk. These breaches are fueling business for many auditors and security companies. Some analysts predict significant growth for POS hardware manufacturers and software providers based on retailers' efforts to implement solutions that lead to compliance. Achieving PCI DSS and getting certified compliant is a key project for thousands of retailers who aren't yet validated.

Make no mistake; the breach cases that made the mainstream news aren't magnifying an insignificant problem. Steve Ward, director of retail industry solutions at IP infrastructure service provider Savvis, says the PCI DSS is a top-three discussion item with every retailer his company engages. "Identity theft, a potential consequence of lax retail data security, is a scourge faced by our generation," says Ward. "The roots of the scourge are often traced to retail, which makes it a priority for retailers interested in selfpreservation." Michael Petitti, senior VP at security solutions vendor AmbironTrustWave, sheds light on retail data security problems. "Our forensics department worked on more than 200 cases in the past 24 months, the majority of them retail card compromises," he says. "Merchants and service providers have upped inquiries about our services tenfold." Increased interest by merchants is a trend noted by all three vendors in this article, including network security compliance solutions provider Cybertrust's Jennifer Mack. Mack is director of compliance product management there. "Incentive to get compliant and penalties imposed for noncompliance are driving a healthy business. The standard has teeth, and progress is being made," she says.