PCI DSS

How PCI compliance can help you achieve GDPR compliance too

As you probably know, there’s a lot of pressure on organisations to ensure that they are compliant with the new EU GDPR regulations by 2018. At Syntec we’re increasingly asked how PCI DSS and GDPR are related. In this blog I’ll discuss the overlap between the two and how PCI compliance can help you then build […]

Read more

Keys to a successful PCI DSS project

Considerations for vendor selection The choice of supplier for your PCI DSS solution is critically important to the success of your project. A good fit for your business helps ensure a relatively smooth journey. Solutions which are intuitive ease the learning process, foster the sense of the project being an improvement, and contribute to organisational […]

Read more

How can my contact centre become PCI DSS compliant? A check list of considerations

After three years of discussion, a new EU Data Protection Framework has been agreed. The new General Data Protection Regulation (GDPR) replaces the current Data Protection Directive. Whilst it won’t come into force for a couple of years, it’s important that your organisation starts preparing now, as it will have a very substantial impact on all entities that […]

Read more

Confidence tricks – how PCI DSS compliance helps you win your customers’ trust

Loss of confidence in online transactions and data held on individuals is amongst the greatest potential risks facing any on line retailer, financial institution or public facing body. Headlines abound on data losses from banks, social websites and health providers. Each breach represents a significant blow to the reputation of the business suffering it and […]

Read more

Outsourcers and homeworkers need to be PCI DSS compliant too

Organisations taking payment over the phone, both private and public sector, are now rapidly embracing the regulatory requirement to ensure that card payments over the phone are secure. In the early days of tackling compliance, ‘clean rooming’ agents was a method used to ensure card numbers couldn’t be inadvertently stored or misused, by ensuring that […]

Read more

If you don’t need the card data, don’t touch it!

Call centres, when it comes to PCI DSS compliance give the problem to someone else I have been a PCI DSS QSA for seven years now, and involved in the information security industry for 15. In that time I have assessed and advised all manner of customers, large and small, across various sectors and in various aspects […]

Read more

How to make your call recordings PCI DSS compliant

It’s common practice nowadays for organisations to record telephone calls between staff and customers. This might be for quality control, for staff monitoring and training, or as part of customer service and complaints review. Indeed, in many industries (particularly financial services) the recording of calls is a regulatory requirement. Call recording throws up a number […]

Read more