HIGHLIGHTS
UD called 'epicenter' of 2008 presidential race

Refreshed look for 'UDaily'

Fire safety training held for Residence Life staff

New Enrollment Services Building open for business

UD Outdoor Pool encourages kids to do summer reading

UD in the News

UD alumnus Biden selected as vice presidential candidate

Top Obama and McCain strategists are UD alums

Campanella named alumni relations director

Alum trains elephants at Busch Gardens

Police investigate robbery of student

UD delegation promotes basketball in India

Students showcase summer service-learning projects

First UD McNair Ph.D. delivers keynote address

Research symposium spotlights undergraduates

Steiner named associate provost for interdisciplinary research initiatives

More news on UDaily

Subscribe to UDaily's email services


UDaily is produced by the Office of Public Relations
The Academy Building,
105 East Main St.
Newark, DE 19716-2701
(302) 831-2792

UD conference examines hospitality industry credit card issues

5:17 p.m., June 4, 2008--A recent conference on Payment Card Industry (PCI) Compliance in Hospitality, held in May at Clayton Hall, made it clear that compliance with PCI data security remains a significant issue for hospitality information technology professionals.

The two-day conference, which was attended by about 100 professionals from the hospitality information technology industry, featured presentations from some of America's leading hospitality experts.

The first-ever conference of its kind dedicated to PCI compliance within the industry was sponsored by UD's Department of Hotel and Restaurant and Institutional Management (HRIM), in conjunction with the United Compliance Framework (UCF).

“PCI compliance means different things to different hospitality IT professionals, and our conference helped to put things in perspective,” Cihan Cobanoglu, associate professor of hospitality information technology and co-chair of the PCI conference, said. “The roles of each party, including franchise, IT vendor, payment processing company and owner, were clearly identified. The conference addressed what is needed to be compliant and how to achieve this compliance.”

Cobanoglu said that highlights of the conference included a keynote talk by Bob Russo, general manager of the Payment Card Industry Standards Security Council, and a presentation by Tia Ilori, of Visa.

“On the first day, various speakers explained the road to PCI compliance and the challenges along the way,” Cobanoglu said. “The second day focused on the 'how' part, with representatives from Shavlik Technologies and Verizon Business offering tools and techniques to help a hospitality company become PCI compliant.”

Colleen Kulhanek, director of marking for Shavlik Technologies, said that with businesses and networks continually changing, PCI compliance is not a single point-in-time event.

“To achieve and sustain PCI compliance, organizations must focus on security first and adopt an ongoing process to identify and remediate system weaknesses and security gaps without blowing the budget," Kulhanek said. “Shavlik's participation in the first conference for PCI in hospitality confirmed there is a tremendous need for PCI education.”

A concern of many in the hospitality industry, Kulhanek said, is identifying the best practices for achieving and maintaining PCI compliance.

“We were pleased to tell attendees at the conference how Shavlik's solutions simplify and automate the process for identifying and closing security gaps relative to patch levels, unapproved software and security configuration settings,” Kulhanek said.

PCI Compliance conference co-chairman Dorian Cougias, chief technology officer and co-creator of United Compliance Framework, said that the large number of participants at the conference underlined the need to educate hospitality businesses about credit card compliance.

“They realize PCI requirements are actively enforced, and that they are at risk of losing access to credit card processing,” Cougias said. “The industry faces other regulations as well, and attendees were able to actively begin the process of integrating their compliance efforts into a larger compliance framework in addition to understanding what the PCI requirements mean to their organizations.”

A second PCI conference will be held in Houston, Texas, Feb.9-10, with conference materials being sent to attendees of the UD PCI compliance conference, Cobanoglu said.

For more information about the past or future conferences, visit [www.hospitalityITcompliance.org].

Article by Jerry Rhodes