We notice you are visiting from a U.S. Internet provider. 
12/03/2010 -
Many businesses do not realize it, but customer relationship management systems can present a serious vulnerability in payment processing security if cardholder information is stored in it - presenting not just a security threat but also a compliance headache.David Taber wrote in a recent article for CIO magazine that CRM systems hold a wewalth of sensitive information, and should be protected accordingly.
"For any modern marketing and selling organization, CRM is as essential as an accounting system," Taber wrote. "But most organizations don't realize the value and the scope of the data their CRM represents. You need to understand the policies and the best practices to keep your compliance and legal discovery issues to the absolute minimum."
For example, Taber advises businesses to avoid storing payment processing data in its entirety in the CRM system. If marketers or customer service representatives really need to access that data, the system should hold only pointers or external keys to the system of record for payment processing information, he wrote.
Following these best practices will not only result in a more secure business, but it may also help save money on PCI compliance - StorefrontBacktalk.com recently reported that the best way to reduce compliance costs is to minimize PCI scope.
