Data security tops CIO

COMMENT ON THIS ARTICLE

When Beverly Magda became CIO of the Humane Society of the United States in July 2005, her first goal was clear: Comply with the Payment Card Industry data security standard that had just been implemented. “Because we’re a nonprofit…we want [donors] to be able to trust us and know their information is secure with us,” she said.

The Humane Society’s process of encrypting credit card data and securing its network was already sophisticated enough to comply with PCI and protect sensitive personal data, Magda said.

The Humane Society did have to update its internal policies and procedures as well as submit to quarterly scans by a third-party security auditor, and ensure the results of those scans are made available to the banks of which it is a customer.

The Humane Society, which has worked to protect animals for more than half a century, was able to comply with PCI within a year of Magda’s arrival despite becoming extraordinarily busy in late 2005 after Hurricane Katrina.

The company thought complying should be easier. So early this year, it started using QualysGuard PCI, a software-as-a-service application from security vendor Qualys, which provides PCI compliance testing, reporting and submission.

Qualys acts as third-party auditor, making it easier to submit results to banks, Magda said.

With the old system, the Humane Society had to schedule a quarterly scan, then courier the audit report to banks or encrypt it and send via e-mail. Now the audits are scheduled automatically, and banks are notified afterward so they can log on to the Internet and download the reports, Magda said.

The QualysGuard PCI service includes quarterly network security scans to identify critical vulnerabilities and help customers fix the problems with instructions and links to verified patches.

Magda’s job, meanwhile, goes beyond PCI compliance. For example, the firm supports 120 Treo mobile devices to coordinate communication and animal rescues. “Advocacy isn’t a 9-to-5 job, and animal welfare isn’t a 9-to-5 job,” she said. 078451

COMMENT ON THIS ARTICLE

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now