Payment Card Industry Data Security Standard (PCI-DSS) compliance is a problem businesses of all sizes should prioritise given the rise in fraud and cybercrime, said Perry Hutton, regional director of Fortinet in Africa.
“The… PCI-DSS has been in place for some time, but until recently, only major enterprises tended to aim for full compliance. With fraud proliferating and PCI-DSS compliance becoming easier and more cost effective, compliance has become important for businesses of every size,” said Hutton.
Hutton said a business that accepts card payments should essentially aim to be compliant.
According to Hutten the past five years have seen the PCI-DSS framework evolving from mere guidelines without any “enforceable sanctions” to a “must-have” certification for companies which store, manipulate and transmit cardholder data.
“Some years ago, PCI-DSS compliance involved complex dealings with multiple vendors, at significant cost. In fact, the single most prohibitive factor was dealing with multiple vendors. There was an understandable reluctance among businesses to become compliant unless they were absolutely forced to do so,” said Hutton.
This however, should no longer be the case, said Hutton, due to consolidation and multi-vendor technology, which allows for PCI compliance to be achieved quicker and at a significantly lower cost.
Now that PCI-DSS compliance barriers have been lowered, Hutton believes businesses of all sizes should become compliant and “safeguard their electronic transactions”.
