GUILDFORD, U.K. -- Princeton Softech, the market leader in enterprise data management, is reminding UK businesses not to overlook the mandatory need to mask and de-identify data in a live test environment in the race to become compliant with the new Payment Card Industry Data Security Standard (PCI DSS). Companies handling credit card data must conform by 30 June 2007 or face fines in excess of EUR100,000 (£67,000) per incident or data breach.
Paul Garstang, senior account manager, Princeton Softech says, "Recent research indicates that 97 per cent of these businesses are currently not compliant. As they rush to meet the deadline, they need to be aware that test data management (TDM) is a key part of the PCI DSS initiative and must not be neglected. Many believe encrypting data is sufficient in itself. It is not.
"Use of production live credit card data in non-production environments is outlawed as part of the PCI standard, for example, as is the cloning of whole production databases against card scheme rules," adds Garstang. "TDM solutions enable organisations to comply with both these requirements by allowing them to subset and mask sensitive data.