A recent survey by PWC found that over 90% of US companies surveyed viewed GDPR compliance as one of their top data security priorities in 2017, and over half of those stated that it was their single most important issue of concern. Why is this? In May 2018 the EU’s general data protection regulation (GDPR) […]
Read moreHow PCI compliance can help you achieve GDPR compliance too
As you probably know, there’s a lot of pressure on organisations to ensure that they are compliant with the new EU GDPR regulations by 2018. At Syntec we’re increasingly asked how PCI DSS and GDPR are related. In this blog I’ll discuss the overlap between the two and how PCI compliance can help you then build […]
Read moreKeys to a successful PCI DSS project
Considerations for vendor selection The choice of supplier for your PCI DSS solution is critically important to the success of your project. A good fit for your business helps ensure a relatively smooth journey. Solutions which are intuitive ease the learning process, foster the sense of the project being an improvement, and contribute to organisational […]
Read moreHow can my contact centre become PCI DSS compliant? A check list of considerations
After three years of discussion, a new EU Data Protection Framework has been agreed. The new General Data Protection Regulation (GDPR) replaces the current Data Protection Directive. Whilst it won’t come into force for a couple of years, it’s important that your organisation starts preparing now, as it will have a very substantial impact on all entities that […]
Read moreConfidence tricks – how PCI DSS compliance helps you win your customers’ trust
Loss of confidence in online transactions and data held on individuals is amongst the greatest potential risks facing any on line retailer, financial institution or public facing body. Headlines abound on data losses from banks, social websites and health providers. Each breach represents a significant blow to the reputation of the business suffering it and […]
Read moreOutsourcers and homeworkers need to be PCI DSS compliant too
Organisations taking payment over the phone, both private and public sector, are now rapidly embracing the regulatory requirement to ensure that card payments over the phone are secure. In the early days of tackling compliance, ‘clean rooming’ agents was a method used to ensure card numbers couldn’t be inadvertently stored or misused, by ensuring that […]
Read moreIf you don’t need the card data, don’t touch it!
Call centres, when it comes to PCI DSS compliance give the problem to someone else I have been a PCI DSS QSA for seven years now, and involved in the information security industry for 15. In that time I have assessed and advised all manner of customers, large and small, across various sectors and in various aspects […]
Read moreHow to make your call recordings PCI DSS compliant
It’s common practice nowadays for organisations to record telephone calls between staff and customers. This might be for quality control, for staff monitoring and training, or as part of customer service and complaints review. Indeed, in many industries (particularly financial services) the recording of calls is a regulatory requirement. Call recording throws up a number […]
Read morePCI DSS compliance – why does it matter and how can you ensure your call centre is compliant?
PCI DSS (payment card industry data security standard) is a set of standards designed to ensure that any company which processes, stores or transmits credit card information does so securely. If you ever handle any credit or debit card payments over the phone in your contact centre then PCI DSS applies to you, regardless of […]
Read more