On Protecting Customer Data
By independentid on Oct 19, 2007
David Dorf of the Oracle Retail Product Strategy Team, writes an excellent byline in SC Magazine, "Avoid the PCI hype, but use the standard as a rallying point."
RetailersDavid goes on to point out that
that focus solely on PCI compliance are taking a shortsighted view and
making a critical mistake. In an industry where performance is measured
on a weekly basis and where there are 12 distinct data points for
reporting to Wall Street, as opposed to four in other industries, there
is always a danger of getting caught in the moment and failing to
adequately plan for the long haul. This is certainly the case for many
retailers in addressing enterprise security and is further complicated
by the myriad of security and privacy standards, laws and guidelines
that are in play today.
from a privacy perspective, retailers often view sensitive data only in
terms of data related to payment cards. However, the scope of sensitive
data "should extend to any information about an identifiable