Wednesday, January 18, 2012
Businesses are storing more critical data across several platforms than ever before, making achieving compliance under the PCI Data Security Standard a priority for many companies. However, despite increased security awareness among enterprises, many of them still make common PCI compliance errors.
According to a recent Dark Reading report, the most frequent PCI compliance mistake is not following the rule of least privilege, which states that businesses should only allow certain administrators and employees to access private customers and company data.
"It is not uncommon for many employees at an organization to have access to the data, including those who don't require it to fulfill their job functions," Leanid Shtilman, CEO of Viewfinity, told the source. "It is not acceptable to allow any privileged user to have access to all data."
The report said ignoring virtualization compliance, failing to properly define scope and not tracking cardholder data flows are among the common compliance errors businesses make.
IP Commerce offers application developers the world’s best open platform (with free API’s, modules and templates) for fast and innovative ecommerce solutions. Get the API’s you need now – simply use our Free Online Integration Wizard to provide the details of your next ecommerce project and download the application tools you need.
