I'd like to clarify a point in Ellen Messmer's story, "PCI compliance mandate's power raises conflict-of-interest questions" on Nov. 8, which incorrectly stated IBM's approach to recommending non-IBM products during PCI assessments. The Payment Card Industry's Data Security Standard brings tighter security around consumer personal information and also many unique compliance challenges for businesses. Our recent announcement pointed out that IBM is the only known vendor to provide technologies addressing all 12 PCI requirements. However, as a certified PCI Qualified Security Company, our certified Qualified Security Assessors must not and do not recommend any tool or solutions to the deference of any other to help a client resolve anv PCI issue.
展开▼
