PCI compliance eased

Newly established alliance seeks to educate firms

A new industry alliance has officially launched today with the aim of educating firms on the requirements and the value of the Payment Card Industry (PCI) Data Security Standard.

The standard was created by the card industry to improve the security of payment transactions and applies to all firms that process or store data.

The PCI Security Vendor Alliance (PCI SVA), which features firms such as data security specialist Protegrity and identity management software vendor Cyber-Ark, will provide white papers, web seminars and, potentially, live seminars, according to Protegrity's David Taylor.

"Everybody's looking for a roadmap from where they are to full compliance [but] it's not an easy journey; if it was everybody would be compliant," he explained. "We'll provide the roadmap and educational resources necessary for them to figure out what they need to do."

Some organisations falsely claim that they sell products and services that can make firms compliant within days, adding to the uncertainty and confusion over the standard, he added.

"Not one company can do all that stuff – we wanted to build awareness of what it actually involves," he said.