Security Standards
What is the PCI Data Security Standard?
The Payment Card Industry Data Security Standard (or PCI DSS) originally
began as four different programs:
- Visa's Card Information Security Program
- MasterCard's Site Data Protection
- American Express' Data Security Operating Policy
- Discover's Information and Compliance
Each company's intentions were roughly similar: to create an additional level of protection for customers by ensuring that merchants meet minimum levels of security when they store, process and transmit cardholder data.
By following the standardised, industry-wide procedures of PCI DSS, organisations can:
- Protect their customers' personal data
- Boost customer confidence through a higher level of data security
- Insulate themselves from financial losses and remediation costs
- Maintain customer trust, and safeguard the reputation of their brand
- Provide a complete ‘health check' for any business that stores or transmits customer information
What is the ISO 27001 standard?
The ISO 27001 is an international standard for the development, deployment and ongoing management of an information security management system (ISMS).
This standard provides a structured, comprehensive and coherent approach for protecting confidentiality, integrity and availability of an organisation's data, which is:
- Vendor Neutral
- Technology Agnostic
- Sector - Independent.