Since PCI DSS 3.0, it has been a requirement that businesses no longer outsource their PCI obligation, as the standard has specified that when using third party services, the business is not exempt from accountability and its obligation to secure cardholder data. Therefore when a third party supplier or partner shares information relating to payment cards, each and every party involved must document and monitor their respective responsibilities.
In this article SureCloud’s COO Nick Rafferty highlights six steps to ease the process of third-party PCI Compliance.