Former Hannaford CIO: Avoid Microsoft and Change PCI's Encryption Rules
Evan Schuman writes on StorefrontBacktalk:
Bill Homa, who just stepped down July 1 as the CIO for the 165-store Hannaford grocery chain, considers Microsoft's OS to be "so full of holes" and describes the fact that current PCI regs do not require end-to-end encryption as "astonishing." More here.
But Homa's key point is that most retailers handle security backwards: Don't pour everything into protecting the front door. Assume they'll get through and have a plan to control them once they're inside.
One of the most frustrating IT security realities in retail today is the quintessential oxymoron: the more serious the CIO is about keeping data secure and the more sophisticated a defense is deployed, the more points of vulnerability emerge.