A Guide to PCI Compliance
Today, nearly all businesses accept credit and debit cards as a form of payment. To protect your customers’ sensitive data, the payment card industry has recently developed a set of standards known as the Payment Card Industry Data Security Standard, or simply PCI-DSS. As a merchant, you must be compliant with the new PCI-DSS requirements or risk losing your ability to process debit and credit card transactions. Let’s take a closer look.
Becoming PCI-DSS Compliant
Developed and enforced by the 5 major credit card networks (Visa, MasterCard, JCB, American Express, and Discover), PCI-DSS requirements apply to all businesses that store, process, and transmit cardholder data. There are 12 requirements that fall into 6 categories, as follows:
- Build and maintain a secure network - includes firewalls and passwords
- Protect cardholder data - data encryption and storage procedures
- Maintain a Vulnerability Management Program - anti-virus and operating system security
- Access Control Measures - covers both electronic and physical access and handling of sensitive data
- Monitoring and Testing Networks - schedule regular tests of security measures
- Information Security Policy - formalized security policy that’s updated and distributed regularly
PCI-DSS Resources
There is a wealth of information and resources online to help ensure that you are compliant with the relatively new PCI-DSS requirements. In fact, you’ll find complete details on the official PCI Security Standard website at www.PciSecurityStandards.org.
The Lighter Side of PCI-DSS
Contact Us and we’ll email you a FREE copy of the e-book “PCI Compliance for Dummies.”
This comprehensive e-book explains how to comply with PCI-DSS requirements, presented in plain English and in a light-hearted fashion.
Or request a copy directly by phone or email to:
Annette Manias
(502) 429-6902 x222
Oasis@oasisky.com