PCI DSS Compliance

 


If you use a provider associated with the Payment Card Industry (“PCI”) to accept credit card payments for your business, at some point you will likely be required to run compliance scans to certify that your system is safe from cyberattack, that all transactions are secure, and that your internal controls maintain the highest security possible so that cardholder data can never be compromised. Being in compliance helps you, at a minimum, avoid non-compliance penalties and, in the worst case, prevents the loss of the ability to use a payment service at all. PCI Data Security Standards (“PCI DSS”) compliance is a methodology which, if you diligently institute and retest it, helps ensure that your livelihood is not compromised by a hack. We can get you through the PCI DSS compliance process.

PCI DSS Compliance Requirements

1. Install and maintain a firewall configuration to protect cardholder data.
2. Do not use vendor-supplied defaults for system passwords and other security parameters.
3. Protect stored cardholder data.
4. Encrypt transmission of cardholder data across open, public networks.
5. Use and regularly update anti-virus software.
6. Develop and maintain secure systems and applications.
7. Restrict access to cardholder data by business need-to-know.
8. Assign a unique ID to each person with computer access.
9. Restrict physical access to cardholder data.
10. Track and monitor all access to network resources and cardholder data.
11. Regularly test security systems and processes.
12. Maintain a policy that addresses information security.