23/02/2010 -
Updating payment processing security infrastructure, policies and technology in an attempt to become PCI compliant or to reduce the scope of PCI DSS requirements is an admirable thing, but when not done properly, it can end up making the situation worse.
CSO magazine reported that one of the ways such deployments can backfire is if they are not properly researched beforehand, or if they simply attempt to add on new solutions to old infrastructure.
"Everyone is in a rush to get compliant to meet the letter of the law and lower their risk to regulatory punishment and damages that they fail to see the forest from the trees, and don't stop to look at the big picture," Ed Ziots, network administrator for a Rhode Island-based company, told CSO magazine.
This "continues to perpetuate the fire-drill exercises to secure things instead of looking at the security of the products and services that are part of the business fabric and incorporate this from the beginning," he added.
PCI Security Standards Council general manager Bob Russo is of a similar opinion, regularly advising merchants to view payment processing security in a "big picture" way by focusing on security, not just compliance.





