By Bruce Dragt, First Data Corporation
Many retailers did not regularly analyze cardholder data security until the Payment Card Industry Data Security Standard (PCI DSS) forced their hands. Now, they face the daunting task of segmenting networks, upgrading POS hardware and software, implementing fraud detection techniques in their online checkout procedures, and more. Retailers have to verify, through costly audits and attestations, that they have installed sufficient controls to meet the requirements of PCI DSS. Even a small breach involving only a few hundred records can be costly. The cost commitments of compliance are minor when compared to the potentially devastating economic and reputational risks of a data breach or other major violation, including industry fines, reputation damage, and uncertainty about the survival of the business. Here are a few ways retailers can avoid a breach and reduce the costs associated with being compliant.