Securing data management systems can be costly, time-consuming and complicated, it has been claimed.
Dr Akif Khan, director of products and services for CyberSource, said that the first step to compliance with Payment Card Industry (PCI) regulations is to understand exactly where in an organization's system customer data resides and from where it can be accessed.
Secondly, he said organizations need to identify which staff have access to customer details on data management systems and how much they can see.
"The act of securing data within an organization is a costly and complicated undertaking and many online retailers prefer to engage a certified third party to help reduce this burden and move all customer payment data off-site," Dr Khan said.
Recently, in a speech at the National Defense University, William Lynn, the US deputy secretary of defense, admitted that 24,000 files had been stolen in a breach of data management systems.
Posted by Richard Jones