Posted: Oct 23, 2018
Comments: 0
Author: Lou Grilli

Security For Your PCI Reports

A typical credit union downloads its report bundles daily from its processors. Usually, the only option is to store those highly sensitive Payment Card Industry (PCI) report bundles on a network drive, with some level of appropriate user access controls. The reports contain 16-digit card numbers, transaction-level details, and Personally Identifiable Information (PII) of credit union members. However, the network drive is not in a PCI compliant environment. Does this sound familiar? More importantly, do you know where your processor reports are being stored?

More and more board of directors and auditors are getting involved in this area of security and asking pertinent questions regarding the storage of information. Even if you do not believe that a data breach is a possibility (which is a false sense of security), this is still not the proper way to store and secure your reports.

Several tools on the market can solve this concern by extracting the reports, securely transmitting the data from the reports using File Transfer Protocol Secure (FTPS), and storing the report data in a secure environment, rather than on network drives. A side benefit of taking this action is to transform the report data into searchable data, which can be used by analysis tools.

When deciding which tool to use, here are some of the factors to consider:

1.    Does the tool provide entitlement rights (access controls) to limit who can access what sets of data?

2.    Is the data stored 100% encrypted or tokenized so that in the event of a breach the bytes of data would be useless?

3.    Does the environment where the data is stored ensure PCI compliant certification? Is the compliance a one-time event, or is the compliance on-going, for all future data extract, transform and loads, including additional reports that may come along down the road?

If securing your report data is on your list of priorities, ask us about IronSafe. Our data analytics team at Trellance will be happy to share the capabilities of this data analytics software with you. E-mail us at and get the power to use rich data to guide your business decisions.


Rate this article:
No rating
Lou Grilli

Lou GrilliLou Grilli

Lou is the AVP of Product Development & Thought Leadership at Trellance. In this role, he is responsible for managing the organization’s product portfolio, as well as providing leadership on industry trends related to data analytics and payments.

Other posts by Lou Grilli

Full biography , Contact author

Please login or register to post comments.


Featured Stories