These reports serve as powerful reminders of the importance of safeguarding financial data and how difficult it can be for companies to ensure proper safeguards when they try to do it themselves.
As purchasing executives and acquisition managers seek to simultaneously be paid electronically and disburse payments electronically to their suppliers, they bear responsibilities in each respective role. For example, the use of corporate p-cards through buyer-initiated payments or electronic AP methods traditionally required a supplier to keep live credit card data on file. With recent technological advances, many suppliers are no longer storing card data internally but instead opting for one-time-use cards or a fully automated, buyer-initiated electronic system, with payments sent directly to the supplier/merchant account without the card data ever being exposed.
Managing payment information security in large organizations is a dynamic, complex task with multiple components, resource needs and requirements that constantly change. Many companies that accept credit card payments from suppliers and must, therefore, comply with PCI-DSS rules rely these days on outsourced solutions that completely remove payment data from their internal systems. Yet thousands of businesses still use outdated technology that doesn’t adequately protect confidential credit card data, exposing their business, employees and customers to risk and potential losses.
A former procurement executive at several Silicon Valley manufacturing firms, Aaron Bills is founder and chief operating officer of 3Delta Systems, a payment solutions company that delivers the power of secure, Internet-based purchase and credit card processing solutions to enterprise, business-to-business and business-to-government customers.