Working together, the major payment card providers have developed a set of data security standards and created a council for enforcing them. Although the Payment Card Industry Data Security Standard (PCI DSS) has become a global requirement, many organizations are lagging in compliance.

There's no doubt protecting payment information during transmission, processing and storage is a business imperative. But, the current "lock-down" approach, which focuses on encrypting payment data within your environment, has proven inadequate, unmanageable, or both. Think about it.

As the economy begins to show signs of a pending recovery, medium and large businesses continue to shift their attention from payment processing to payment processing management-meaning, there's an increasing emphasis on improving the process of managing payments throughout the entire order acceptance lifecycle, not just transacting a payment at the time of sale.

This report is based on a survey of U.S. and Canadian online merchants. Decision makers who participated in this survey represent a blend of small, medium and large-sized organizations based in North America. Merchant experience levels range from companies in their first year of online transactions to some of the largest e-retailers and digital distribution entities in the world.

Welcome to PCI Compliance For Dummies! Compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) is mandatory if your company stores, processes, or transmits payment cardholder data. This book is all about understanding PCI and how merchants can comply with its requirements.

This white paper reviews the basics of PCI, including who must comply, compliance requirements, validation requirements and penalties. It also examines key things to look for when selecting a PCI network testing service and introduces QualysGuard PCI.

This whitepaper will examine PCI DSS and explain how Lumension® Compliance and IT Risk Management can help organizations reduce the cost of addressing compliance by streamlining and automating the IT audit process, unifying control and compliance frameworks, automating assessment and remediation processes, and enabling continuous monitor­ing of their compliance and IT risk management posture.