PCI DSS Responsibility
Interesting article for Hospitality Technology. It’s a pretty good
piece on taking responsibility for the data that you collect and use
and it’s got the right focus - your brand and the consumer.
The only thing that I would take a little bit of an issue with is the
attitude of compliance being more than security. I think this is the
way that a lot of tech guys understand security - it’s locking down the
network, managing passwords, and encryption. The definition of
‘Security’ needs to be understood at the business level - security
isn’t just technical, it’s not just something that the network admins
need to deal with.
Security is a multi-faceted ‘thing.’
Apparently I can’t seem to find the correct word there… In fact,
it’s flipped around - Security is Bigger than Compliance because, by
definition, security standards are focused on one or more aspects of an
environment. True security needs to look at the entire environment -
IT, process, operations, HR, etc., etc.
PCI DSS Compliance: Just Whose Responsibility is It?









