You are currently browsing the Electronic Payment Security weblog archives for January, 2007.
Archive for January 2007
The State of PCI Compliance 2007
January 28, 2007 by tim.
Ellen Messmer has written an excellent article in the 1/25/07 edition of Network World entitled “Credit Card Industry Struggles to Enforce Security Standard.”
Rob Tourt, vice president of network services at Discover, comments on the state of PCI compliance and admits that compliance is not widespread. “All the merchants are required to comply with the PCI data-security standards or face fines.”
Ms. Messmer writes that “Visa’s new approach calls for levying punitive fines on banks that fail to get their merchant customers to comply with the PCI standard….”
A very interesting fact is that, according to Visa, only 36% of level 1 merchants and only 15% of level 2 merchants are PCI compliant. Visa levied $4.6 million in fines in 2006.
Perhaps the most interesting part of the article is Ms. Messmer’s assessment that “The frequency of news about data breaches could soon put the card-processing business community in the hot seat with Congress. The new chairman of the House Financial Services Committee, Barney Frank (D-Mass.), voiced dismay earlier this month over the TJX breach, and his aides suggested he might consider legislation aimed at payment-card protection.”
Posted in Payment Card Industry / Credit Card Security
Background Checks on IT Personnel
January 23, 2007 by tim.
Alice Snell has written an excellent article in the 1/22/07 issue of Network World entitled “IT Security Gets Personal.” She builds the case for conducting background checks on IT staff and cites interesting statistics related to background checks. For example, an estimated 7% to 12% of applicants are rejected due to results of background checks, with about 5% to 6% due to criminal issues and about 2% to 4% due to false information provided on resumes or job applications.
The article includes another astounding statistic: 75% of banking employees have stolen from their employers, according to U.S. Banker.
She concludes the article by stating: “Optimizing the IT background check process can improve accuracy, shorten turnaround time, and lower costs. Better quality screening results can safeguard both employees and employers.”
Posted in Electronic Payment Security - General
100 Million Notifications of Data Breaches in US
January 5, 2007 by tim.
In an article posted to www.TechNewsWorld.com on 1/4/07, Ed Moyle writes that there have now been roughly 100 million notifications sent to individuals in the US notifying them that their personal information has been compromised. He does point out that there is no way to know how many unique individuals have been impacted, since there could be some overlap. According to Mr. Moyle, “Looking ahead, it won’t be long before the majority of Americans will have been notified about a breach affecting their data.”
The article also provides practical tips for monitoring your personal records to watch out for fraud, as well as action steps to take in the event that you receive a notification of a data breach.
Posted in Data Breach Regulations, Electronic Payment Security - General