Matt Hooper, General Manager at Cognia PCI, discusses 5 things that we know about PCI in the contact centre for 2015
PCI compliance has long been seen by many as a ‘tick in the box’ exercise, that hasn’t figured high on the information security stack hot list. But that does now seem to be changing. At the PCI London conference, a growing awareness of the strategic importance of PCI is becoming more and more prevalent. Recent data breaches and a growing awareness of impact across business operations, from marketing, finance to customer experience is finally pushing PCI onto the CXO agenda.
The not so good news as highlighted by Verizon’s recent green paper, is that the majority of organisations that achieve PCI compliance fall out of PCI-DSS after just one year. The key to success of PCI-DSS is now firmly focused on developing a strategy that assures sustainability year on year and that PCI-DSS becomes part of the every day behaviour of an organisation, from the way secure payment card data gets handled in trading environments to the awareness of employees in making all efforts to securely manage their role in protecting their organizations data.
So it can be argued that as a top 5 for 2015. The following represents the key pieces of the PCI puzzle that need to be incorporated into any PCI programme and information security strategy this year:
1. This is the year to assure contact centre environments are freed from the risk of PCI-DSS. Don’t risk a data breach, reputational damage or fines. Look to remove sensitive card data from systems and people environments all together.
2. PCI is not just for the year it’s for all time. Look to a sustainable strategy and programme that assures continued compliance – it will save you time and money!
3. Use PCI 3.0 as the opportunity to build the people aspect of compliance into day to day business operations – education and changing behaviour is key – everyone plays a part.
4. Clean out the cupboard. Look at outsourced storage and data cleansing to remove the risk of non-compliant legacy stored data
5. Utilise new technology to solve business problems. Things like pause and resume recording has had its day, it’s high risk and not efficient for a PCI compliant environment. Embrace the power of the cloud. Outsource the problem while you focus on your customers.
Payment card data security risk is here to stay, but so is PCI. Embrace it and build a better business as a result this year.
Matt Hooper is an experienced senior marketer and general manager, bringing to Cognia over 20 years’ experience in international marketing, product management and business development, gained in enterprise software and services firms.
Cognia has the world’s first QSA-validated, PCI DSS Level 1 payment processing service on a secure global cloud platform offering unparalleled security and cost effectiveness.
For additional information visit Cognia’s Website