Blog

01Oct, 2017

What do I need to consider regarding mobile devices and tablets for employees in a store environment, as it relates to PCI compliance?

One of the key things is to determine what the devices are going to be used for and whether or not they’ll be used to process transactions or have any payment card data processed through them or stored on them. If so, they will fall into scope for PCI compliance. Even being on the same network as systems that store, process or transmit payment card data will bring these devices into scope. While the PCI guidelines might not have specific requirements yet for every aspect of mobile applications and devices, they are clear around keeping cardholder data protected, wherever it may be.

This is such a new area for many merchants that they aren’t properly addressing security issues or updating their employee guidelines or policies to deal with them adequately. You can’t take it for granted that employees will know what to do in a given situation or think about the ramifications of bringing their own devices into retail or working environments. Make them aware of the need for compliance and why it’s important to customers and to the business.

Related Articles

The benefits of mandatory data breach notification laws in Australia

Mandatory data breach notification laws would result in greater security for Australians and improved protection of their sensitive information. And i

Read More

Cost of data breach report (with Australian Statistics)

Ponemon Institute 2013 Cost of Data Breach report The 2013 Cost of Data Breach report published by the Ponemon Institute (sponsored by Symantec) revea

Read More

How to survive a data breach

In the past two years, LinkedIn, eHarmony, Twitter, Adobe and, most recently, Target have suffered data breaches that together exposed more than 120 m

Read More

Credit card data discovery tools lay the foundation for good data security

Card Holder Data (CHD) discovery tools are becoming essential in identifying none secure sensitive data locations. Since December 2013, a series of da

Read More