We are in the midst of a ‘shop online’ trend explosion. Internet retailers are continuously reinventing how we [customers] shop online. Whether it’s via our mobile devices, PCs, or in-store kiosks, there is a myriad of new options for transacting business that carry both positive and negative implications for the consumer and the retailers themselves.
One of the internet’s biggest issues is security. As an e-retailer you need to ensure that your online shop is safe and secure throughout the payment process, handling sensitive information efficiently and securely.
This brings me on to this week’s blog topic: PCI Data Security Standards (PCI DSS). In layman’s terms, this is the framework and set of regulations compiled by the PCI Security Standards Council within which online merchants must operate in order to be compliant. It demands that merchants develop a robust online card payment system, incorporating processes for prevention, detection and appropriate responses to security incidents.
Why Should I Comply?
As a merchant, you are probably wondering why you need to comply with the PCI Security Standards. These strict guidelines seem like a lot of effort, especially to small organisations. However, payment card security is becoming increasingly important, and implementing precautionary measures could potentially save your business.
Some of the reasons why (as highlighted by the PCI Compliance Council*) it would benefit you to comply with the PCI Security Standards are:
Compliance with the PCI DSS means that your systems are secure, and customers can trust you with their sensitive payment card information:
• Trust means your customers have confidence in doing business with you.
• Confident customers are more likely to be repeat customers, and to recommend you to others.
Compliance improves your reputation with acquirers and payment brands -- the partners you need in order to do business.
Compliance is an ongoing process, not a one-time event. It helps prevent security breaches and theft of payment card data, not just today, but in the future:
• As data compromise becomes ever more sophisticated, it becomes ever more difficult for an individual merchant to stay ahead of the threats.
• The PCI Security Standards Council is constantly working to monitor threats and improve the industry’s means of dealing with them, through enhancements to PCI Security Standards and by the training of security professionals.
• When you stay compliant, you are part of the solution – a united, global response to fighting payment card data compromise.
Compliance has indirect benefits as well:
• Through your efforts to comply with PCI Security Standards, you’ll likely be better prepared to comply with other regulations as they come along, such as HIPAA, SOX, etc.
• You’ll have a basis for a corporate security strategy.
• You will likely identify ways to improve the efficiency of your IT infrastructure.
*https://www.pcisecuritystandards.org/security_standards/why_comply.php
Be PCI DSS Compliant with ALB-X 2.0
Enterprises often go through the time-consuming and costly process of deploying an application firewall to ensure that their web platform is PCI compliant. We at jetNEXUS even have a great solution called the jetNEXUS Application firewall. However, this is not the only option for online merchants. In fact, the additional cost of purchasing and implementing a unique, standalone application firewall can be avoided with the jetNEXUS ALB-X 2.0 Application Delivery Controller.
The jetNEXUS ALB-X has a powerful rule engine called flightPATH that works in the background and can be configured to help with PCI compliance. Unique traffic rules can be implemented, offering clients greater control and intelligence in managing their service delivery and protecting against the top application threats as summarised by the Open Web Application Security Project (OWASP)*.
*https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
This type of granular control in traffic management and application delivery is especially crucial when managing online applications and ecommerce sites. flightPATH is highly configurable, very powerful and yet easy to use. In addition to this, the jetNEXUS ALB-X is designed to dramatically improve the performance, reliability and manageability of application delivery. So whilst accelerating your applications may not have been the initial reason for looking at jetNEXUS, it is certainly a nice extra benefit!
Check out flightPATH here: http://www.jetnexus.com/flightpath.html
Friday, 10 June 2011
Is your Online Shop PCI Compliant? | PCI DSS and ALB-X 2.0