By Mike Monocello, Business Solutions magazine.
The beginning of Steve Van Zoeren's story about his efforts surrounding PCI compliance is like that of many other ISVs. Under pressure to "get compliant" with the credit card processing security standards put forth by the PCI Council, the ISV did his best to act with urgency and in good faith while hoping that his interpretation of the standards and subsequent alterations to his Anthology bookselling software were adequate. However, as the ISV sunk years of time and money into changing his software and learned more about the standards, he realized that he might never be compliant if he continued down the path he was on. In the end, he found a way to remove his software from the scope of PCI. In other words, PCI compliance became a nonissue to Anthology.