contents

business
 
Version 1.2 of PCI Data Security Standard Released

The PCI Security Standards Council (PCI SSC) announces general availability of version 1.2 of the PCI DSS. This latest version is the culmination of two years of feedback and suggestions from its industry stakeholders and is designed to clarify and ease implementation of the foremost standard for cardholder account security. Version 1.2 is effective immediately and version 1.1 of the standard will sunset on Dec. 31, 2008. The updated standard and supporting documentation is available on the Council's Web site.

The Council previously announced the summary of changes between version 1.1 and version 1.2 to ensure awareness of the coming latest changes to the standard. Version 1.2 includes clarifications and explanations of the requirements that improve flexibility to meet today's security challenges and ensure organization's can adequately comply with the standard. While version 1.2 does not introduce any new major requirements to the existing 12 in place since the Council's inception, the updates do change some practices, such as the sun-setting of implementations of Wired Equivalent Privacy (WEP) wireless security by June, 2010.

Since the Council's inception in Sept. 2006 and the release of version 1.1 of the PCI SSC, its Participating Organizations and Board of Advisors have been providing feedback on the standard, with global industry input into the revisions. This follows the established lifecycle process that will ensure that the PCI DSS standard is revised and updated on a two year cycle. Participating Organizations are given the opportunity to receive early drafts of all pending revisions to the Council's standards and provide a bulk of the feedback during this process. PCI DSS version 1.2 was the primary discussion topic at the Council's recently concluded and successful community meeting in Orlando, Fla., in which more than 500 attendees came together to begin the process of strengthening the standards even further.



write your comments about the article :: © 2008 Computing News :: home page