Consumer Data Security Movement Backburnered By Lawmakers
Page 2 of 3By Gregg Keizer , TechWeb Technology News
Enterprises have made significantly more progress, Litan argues, if only by boosting their spending on security software like intrusion detection systems and data encryption tools.
""That's the good news,"" Litan said.
The bad? Third-party data brokers remain unregulated, and the credit card industry's PCI (Payment Card Industry) Data Standard is extraordinarily confusing, so much so that come retailers can't figure out if they're in compliance.
The third-party broker issue is important, since the data loss that jump-started concern over security was the fault of broker ChoicePoint, which sold fraudsters tens of thousands of consumers' names, addresses, Social Security numbers, and credit reports in October 2004.
But Litan saved her harshest criticism for the PCI standard, an effort by major credit card companies like MasterCard and Visa to bring companies that accept credit cards into line. Under the PCI standards, companies that accept credit cards must comply with a dozen security requirements, such as encrypting cardholder data as its moved across public networks like the Internet, installing a firewall, and regularly testing security systems.
""It's pretty much Security 101,"" said Litan. ""But it's too confusing. Too many companies still can't get clear answers from the credit card associations whether they're in compliance with PCI or not.""
And a recent incident at Sam's Club, a division of Wal-Mart, showed how PCI seems to be applied unequally, Litan said.
Earlier this month, Sam's Club announced that at least 600 customers who bought gas at its stores between Sept. 21 and Oct. 2 had their credit card data stolen.
|
BreakthroughIT seeking Project Manager in Groton, CT
Monsanto seeing IT Transportation and Optimization Analyst in St. Louis, MO
Princeton Financial Systems seeking Business Analyst 4 in Princeton, NJ
CSAA seeking IT Analyst IV in Glendale, AZ
DisplaySearch seeking IT Project Manager in Austin, TX
For more great jobs, career-related news, features and services, please visit our ""Career Center.
TechWeb's FREE e-mail newsletters deliver the news you need to come out on top.
Get definitions for more than 20,000 IT terms.
Editorial and vendor perspectives
Come up to speed on KVM-over-IP solutions: Download the free buyers guide
Use supply and demand to bring IT and business into balance. Download this free white paper