The Doomsday Clock recently ticked closer to midnight. While not nearly as perilous, heading into February also marks the swift approach of another countdown – the compliance date for PCI DSS 3, requirement 9.9. Currently a best practice, after June 30 this year, merchants will be expected to comply with the requirement.
To this point, many of the merchants that we talk to here at Termtegrity have yet to really delve into what compliance with 9.9 will mean for them. It’s another item on the list. But it is an item that becomes more complex as the size of your organization grows and will likely require organizational operational change.
Luckily, this is top of mind for industry thought leaders, who have begun talking about what the implications of this requirement are for merchants and how to start thinking to prepare for July 1.
One of the leading experts in the industry, Dr. Branden Williams (who literally wrote the book on PCI compliance) has just published a white paper called “Preventing Terminal Tampering – An Examination of the Business Impacts of Requirement 9.9” which takes a step back from the nitty-gritty of the requirement and looks at business level consequences and what you can do to manage the new requirement.
In it, he gives advice on various methods of compliance and discusses the challenges that merchants of all sizes will face. It’s both comprehensive and practical, and definitely worth taking the time to read.
You can obtain a copy of the whitepaper on our site (after a short registration) and while you’re at it, take a second to follow @BrandenWilliams on twitter to get Branden’s unfiltered view on PCI, life, and everything in-between.
The feature image above was created by Mike Mozart of JeepersMedia and is licensed under a Creative Commons Attribution 4.0 International License.