This week’s Gloves Off debate tackled the payment card industry standards and their ability to protect retailers from consumer data leaks.
In addition to speaking with Robert Russo, GM at PCI Security Standards Council and David Taylor, President at PCI Alliance, I spoke to other experts about the best way retailers and marketers can protect their data.
Prat Moghe, the founder & CTO of Tizor Systems, said there are several misconceptions in data security today. “One popular misconception is that majority of data losses happen by e-mail,” he said. “In reality, less than 5% of data losses happen by e-mail. Laptops and databases are the top 2 sources of data losses. They account for 40% and 50% of data losses respectively.”
He said that while the PCI standards provide a basic map of security defense layers that can reduce data risk, the best way to protect data and assure it is being accessed properly is through data activity monitoring.
Wes Trochill, president of Effective Database Management LLC, said, “The greatest risk of breach is actually the human element, either malicious or accidental…The best way to ensure protection is to have rules and business processes in place for how data is managed. For example, no personal data should be loaded on laptops or other mobile devices.”
He went on to say that any easy mistake to make to assume that data breach would not effect your business.
“Anyone who does business online, or stores personal data on their computers, is at risk of that data being compromised, whether accidentally or maliciously. All organizations need to have processes and procedures in place to minimize the possibility of a major data breach.”
Click here to learn more about the current PCI Standards.
To schedule an interview and become part of the PCI Knowledge Base’s compliance survey, click here.
To propose your own topic of debate for Gloves Off, please e-mail me at [email protected].
