ADVERTISING DISCLOSURE: is an independent, advertising-supported web site. receives compensation from most credit card issuers whose offers appear on our site. Compensation from our advertising partners impacts how and where their products appear on our site, including, for example, the order in which they may appear within review lists. has not reviewed all available credit card offers in the marketplace.

Credit Card Applications » News » Other » Virtualization adapted for credit card security

Virtualization adapted for credit card security

November 12, 2010 | Updated on November 12, 2010
Add to Favorites:
The content is accurate at the time of publication and is subject to change.

Online credit card transactions are all set to function in virtual environments. Security levels would be increased while taking virtualization into account (as per the second edition) states a release of the Payment Card Industry Data Security Standard. As per the standard it is mandatory for organizations that handle payment card data to follow minimum security standards in order to process card transactions. Based on the size of an organization, the annual compliance validation processes are handled internally or externally by certain Qualified Security Assessors who are independent.

The PCI DSS system components (2.2.1) now hold virtualized systems, with compliance details in relation to the virtual environs. There were merchants, auditors, financial institutions, etc who were part of the PCI Special Interest Group and would help in the better understanding of how the standard would be affected due to other environments.

While there are minor changes in the document, adopting approaches to mitigate vulnerability (approaches that are risk based), scoping of the (PCI) assessments, as well as detailing on secure application coding standards are all included. There should be no new issues from the 2.0 version, however organizations must consider the implications of the standard that is to be implemented.

The lesson that is learnt from past experiences is simple. Investing in controls in order to address PCI provides a wonderful opportunity in improving the overall security. PCI has provided enough awareness with regard to data security risks and thus made a positive impact where there have been heavy investments in the processes as well as technology with regard to data security.

Though the release cycle of the new PCI DSS has been between 2 to 3 years, the security standards do not risk redundancy before the upgrading, stated Kane Lightower, Regional Sales Director, Imperva. He also stated that the standard would enforce a benchmark in security that would be minimum and refuted claims of it becoming a hacker's play book.

Lightower also stated that the security should not be based entirely on the compliance by the respective organizations. He also stated that while compliance had matured much more, Australia's has no data breach disclosure laws and that meant that there were more leniencies. Since the data breaches and the consequences in Australia weren't as high as that of the U.S., pressure for compliance were not as strong. As per a recent report (from Verizon Business), it was found that only a mere 22% of the organizations that had been surveyed were completely PCI DSS compliant.

Disclaimer: This editorial content is not provided or commissioned by the credit card issuer(s). Opinions expressed here are the author's alone, not those of the credit card issuer(s), and have not been reviewed, approved or otherwise endorsed by the credit card issuer(s). Reasonable efforts are made to present accurate information, however all information is presented without warranty. Consult a card's issuing bank for the terms & conditions.
All rates and fees, and other terms and conditions of the products mentioned in this article/post are actual as of the last update date but are subject to change. See the current products' Terms & Conditions on the issuing banks' websites.
Add to Favorites:
Get the latest news, articles and expert advice delivered to your inbox. It's FREE.
You've successfully subscribed!

Please specify the following:All these fields are optional

Your Credit History
Themes you are interested in:

By providing this information you help us make our news letters more useful and informative. Thank you!