Welcome!

Eclipse Authors: Liz McMillan, Lacey Thoms, Jayaram Krishnaswamy, RealWire News Distribution, Lev Lesokhin

Blog Feed Post

Need PCI Compliance? Try Open Source

open source pci compliance

There’s no shortage to the benefits open source software provides. Though the technology is certainly not without its criticisms—for example, depending on the product, you might run into a lack of quality support—lately, its proponents have been eying a new application for open source: compliance.

In a recent presentation, security professionals unveiled a proposed Payment Card Industry (PCI) Data Security Standard (DSS) compliance model that is based on open source technology. The system is designed, they said, to help reduce expenses, enhance scalability and make it easier to manage the technological infrastructure that supports PCI compliance.

The PCI standards are a set of protocols developed by major credit card companies that were designed to enhance data security. Should businesses fail to be PCI-compliant and then have their systems breached, they face significant fines and could even lose their merchant accounts. As such, it’s imperative that businesses consistently adhere to PCI standards.

There are open source alternatives available that support PCI compliance. For example, to meet the PCI DSS requirement that businesses use a consolidated log server and that the server be monitored with regularity, businesses can leverage a variety of open source tools like fluentd and logstash. As is the case with any piece of technology, companies will need to fine tune these tools to their precise specifications.

The question as to whether a business should adopt open source or proprietary solutions is one that has to be answered internally. With open source, when new needs arise, source code can be augmented to support those needs. But it could take some time to do that, so businesses need to decide whether the benefits of open source outweigh the costs.

Read the original blog entry...

More Stories By Lacey Thoms

Lacey Thoms is a marketing specialist and blogger at Protecode, a provider of open source license management solutions. During her time at Protecode, Lacey has written many articles on open source software management. She has a background in marketing communications, digital advertising, and web design and development. Lacey has a Bachelor’s Degree in Mass Communications from Carleton University.