Four Hundred Stuff--Retailers Not Doing Enough to Protect Financial Data: Survey

Newsletters	Subscriptions	Forums	Safari	Store	Career	Media Kit	About Us	Contact	Search	Home

Volume 8, Number 38 -- October 21, 2008

Retailers Not Doing Enough to Protect Financial Data: Survey

Published: October 21, 2008

by Alex Woodie

Despite the computer security requirements of the Payment Cardholder Industry (PCI) standard, consumers do not think retailers are doing enough to protect their vital data, suggests a new survey from Solidcore Systems. The survey from Solidcore, which supports the i OS with its real-time change control system, concludes that consumers would feel safer if an independent entity certified retailers, instead of an army of independent auditors who sometimes have different interpretations of PCI.

Solidcore says it surveyed the opinions of more than 500 consumers from different demographic backgrounds scattered across the country. The company did not provide a margin of error, which casts some doubt on the statistical validity of its findings. Taken with a grain of salt, however, the results are worth investigating, especially considering the well-documented struggles of many IT shops to comply with PCI.

Solidcore's survey suggests that not all PCI remediation projects are equal, at least in the eyes of consumers. More than 80 percent of respondents to Solidcore's survey say they believe some retail locations to be safer than others for using credit and debit cards, and nearly 75 percent say they won't shop at outlets where they feel their financial or personal information may be at risk.

Consumers consider point of sale (POS) systems to be the weakest link in the electronic payment system, according Solidcore's survey. More than 40 percent of respondents say they worry that POS systems are insecure or at risk of fraud. By comparison, only 4 percent worry their receipt will be stolen.

Solidcore says 83 percent of respondents would feel more comfortable about shopping if there was a trusted third party in charge of certifying POS systems. "Currently no industry standard exists," Solidcore says, "but retailers working with Qualified Security Assessors (QSAs) to implement security solutions can gain a degree of confidence that permeates the organization."

Solidcore's flagship product, called S3 Control, boosts the security and helps with PCI compliance by continuously monitoring a variety of operating systems, databases, file systems, applications, and network devices for changes. Earlier this year, the Silicon Valley outfit rolled out support for i5/OS with S3 Control, providing System i shops with another layer of security on top of their change management and network security systems.

Solidcore's results are timely, considering recent high-profile data breeches at TJ Maxx and others, the ongoing credit crises, the consumer spending slowdown, and the looming holiday shopping season, which promises to be the most challenging for retailers in years.

The time for retailers to take action is now, says Anne Bonaparte, president and CEO of Solidcore. "Retailers that are truly concerned with protecting their brand must begin to place the highest priority on securing store systems, starting with POS systems," she says.

Sponsored By
SEAGULL SOFTWARE

Need to update those green-screen apps?

Need a way to reduce training time for new users?

Need to bring back-office data to the Web for employees and customers?

Update your System i apps with LegaSuite GUI.

See how so many companies use Seagull Software to create GUIs from green-screens without any changes to their code. Watch a short, narrated demo today.

www.seagullsoftware.com/green

Editor: Alex Woodie

Contributing Editors: Dan Burger, Joe Hertvik,
Shannon O'Donnell, Timothy Prickett Morgan

Publisher and Advertising Director: Jenny Thomas

Advertising Sales Representative: Kim Reed

Contact the Editors: To contact anyone on the IT Jungle Team
Go to our contacts page and send us a message.

Sponsored Links

MKS: FREE white paper: From WDSC to RDi. Making Software Change Easier with MKS Integrity for IBM i
Vibrant Technologies: The leading source for IBM Power Systems and Upgrades
COMMON: Join us at the annual 2009 conference, April 26 - 30, in Reno, Nevada

IT Jungle Store Top Book Picks

Easy Steps to Internet Programming for AS/400, iSeries, and System i: List Price, $49.95
Getting Started with PHP for i5/OS: List Price, $59.95
The System i RPG & RPG IV Tutorial and Lab Exercises: List Price, $59.95
The System i Pocket RPG & RPG IV Guide: List Price, $69.95
The iSeries Pocket Database Guide: List Price, $59.00
The iSeries Pocket Developers' Guide: List Price, $59.00
The iSeries Pocket SQL Guide: List Price, $59.00
The iSeries Pocket Query Guide: List Price, $49.00
The iSeries Pocket WebFacing Primer: List Price, $39.00
Migrating to WebSphere Express for iSeries: List Price, $49.00
iSeries Express Web Implementer's Guide: List Price, $59.00
Getting Started with WebSphere Development Studio for iSeries: List Price, $79.95
Getting Started With WebSphere Development Studio Client for iSeries: List Price, $89.00
Getting Started with WebSphere Express for iSeries: List Price, $49.00
WebFacing Application Design and Development Guide: List Price, $55.00
Can the AS/400 Survive IBM?: List Price, $49.00
The All-Everything Machine: List Price, $29.95
Chip Wars: List Price, $29.95


Some Servers Take a Dive in IBM's Third Quarter Gartner, Forrester Cut 2009 IT Spending Growth Estimates Infor CEO Preaches Business Darwinism, Prepares for Hyper Business Future Mad Dog 21/21: Home Deep Owe IBM Cuts Disk Prices, Rejiggers Memory and CPU Conversion Prices


Why Blade Servers Still Don't Cut It, and How They Might Intel Keeps Both Arms Swinging with Xeons, Jabs with Itanium Microsoft Ponies Up Another $100 Million for Novell Linux Mad Dog 21/21: Newtonian Economics Two More Xeon-Based Galaxy Servers from Sun


For Some Customers, the Mainframe Is Green Top Mainframe Stories From Around the Web Chats, Webinars, Seminars, Shows, and Other Happenings


Displaying Multiple Results Sets in Run SQL Scripts A Practical Way to Add Exports to a Service Program Admin Alert: Preventing Multiple IPs from Stopping Internet Traffic


September 20, 2008: Volume 10, Number 38 September 14, 2008: Volume 10, Number 37 September 7, 2008: Volume 10, Number 36 August 30, 2008: Volume 10, Number 35 August 23, 2008: Volume 10, Number 34 August 16, 2008: Volume 10, Number 33


Citrix Addresses Performance with XenApp 5 Server Buyers Shop Like It's 1999 in the Second Quarter Intel Keeps Both Arms Swinging with Xeons, Jabs with Itanium Mad Dog 21/21: Newtonian Economics Microsoft Does Something About Those SQL Injection Attacks


What the Heck Is the Midrange, Anyway? Overseas and Notebook Sales Offset Printer Declines for HP in Q3 Two More Xeon-Based Galaxy Servers from Sun Mad Dog 21/21: Newtonian Economics Intel's Nehalems to Star at IDF, AMD Pitches Shanghai


Four Hundred Monitor's Full iSeries Events Calendar

THIS ISSUE SPONSORED BY:
ASNA Seagull Software Maximum Availability ARCAD Software VAULT400

	Printer Friendly Version

TABLE OF CONTENTS

Is Java the AS/400's Final Lifeline?

AquaFold Adds DB2/400 Support to Database Tool

Infor ERP LX Adds Compliance and Language Features, SOA Enablement

Shield Gets Closer to Full HA with RAP 3.1

IT Chiefs Don't Care About Software Quality, Survey Says

News Briefs and Product Shorts:

Aldon Wants Your Programming Horror Stories for 'Turkey Awards' . . . Retailers Not Doing Enough to Protect Financial Data: Survey . . . Talend Says Its Open Source Approach for Integration Tools Has Been Validated . . . Agilysys Wins Casino Contract, Cuts Revenue Forecast . . . InfoPrint Launches a Product for Automated Document Factories . . .

Four Hundred Stuff

BACK ISSUES