A recent Dark Reading report said the highly technical and specific issues addressed in PCI DSS regulations can create a sense of fear, anxiety and confusion among businesses. Even worse, they can prove distracting.
The news source suggested that the PCI standard is so specialized that it can often distract companies from their other security priorities. This occurs because the regulation is inherently designed to enable secure data storage for payment card information. It does not address data protection issues for other areas of enterprise security. As a result, it can be easy to get so distracted focusing on the PCI standard that businesses inadvertently let their other areas of emphasis slip.
To overcome this problem, the report said, organizations should work to apply the security provisions within the PCI standard to other systems as well, as the protocols involved are often adaptable to other IT security options.
Another key consideration for businesses trying to avoid PCI compliance distractions is to outsource some IT systems to a PCI compliant hosting provider. This simplifies the process of supporting the PCI standard and makes it easier for businesses to focus on other core IT needs.
