Achieving PCI Compliance is Worth It
For all merchants, achieving and maintaining PCI compliance can be daunting and time-consuming, but it is worth the effort to keep your business and your customers’ information safe.
What is PCI Compliance?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment. In general, PCI compliance is required by credit card companies to make online transactions secure and protect them against identity theft. Any merchant that wants to process, transmit or store credit card data is required to be PCI compliant, according to the PCI Compliance Security Standard Council.
Six Categories of PCI Compliance
The PCI Compliance Security Standard Council, which oversees the security standards for merchants, identifies six categories of regulations to follow. Please note that these are high-level descriptions of the requirements; you can contact your payment processor or visit the PCI standards website for more specific information.
- Secure Card Processing Network
  - Install firewalls to protect sensitive data, like credit card numbers
  - Change the default passwords for any new hardware, software, or system updates immediately
- Protect All Cardholder Information
  - Put proper security and access controls around any cardholder data stored
  - Use encryption when transmitting data across public or open networks
- Protect Your Systems Against Malware
  - Regularly update antivirus and other security software
  - Maintain secure systems and applications
- Put Access Control Measures in Place
  - Ensure only authorized personnel have access to cardholder data
- Monitor and Test Your Networks
  - Monitor and track anyone who has access to cardholder data
  - Test security systems and procedures for flaws or vulnerabilities
- Create and Maintain an Information Security Policy
  - Share an information security policy that clearly sets out how your organization deals with PCI DSS and the responsibilities of employees and contractors
Is Your Business PCI Compliant? We Can Help.
Contact us online or call 1-800-621-8931.