Payment Card Industry Data Security Standard (PCI DSS) is a common sense standard based on good IT Security policy. The objective is to protect customer credit card information from compromise. With the holiday season upon us, eCommerce and credit card processing activities will ramp through the end of the year. Trillions of dollars are transacted via credit card every year. So what can you do to ensure your business is PCI compliant?
PCI Compliance Assessment
Determine if your company policies and procedures ensure PCI compliance. In addition to technology considerations, your employees should be trained on how to protect credit card information. If credit cards are taken over the phone, never write down card numbers. If employees are entering credit card information into an order processing system or payment authorization gateway, ensure the data is encrypted when stored. If your business uses a Cloud Based service, check to ensure they are PCI compliant too.
PCI Compliance and Network Security
Another consideration for PCI Compliance is your network security. In addition to a firewall, you should lock down any unsecure WiFi access. Unauthorized access to your network could leave your business open to exposure of malware, virus and man in the middle threats in which credit card information can be accessed without your knowledge.
Network Monitoring for PCI Compliance
PCI Compliance is not a one time effort. To stay compliant you should periodically review your policies and monitor your systems. Periodic network monitoring can detect any unauthorized access, network security violations and any other deficiencies that require immediate remediation.
Maintaining PCI compliance for your business helps you avoid costly security intrusions and data loss of your customer credit card information. Protecting credit card information from security threats takes common sense and solid network security. If you need assistance to determine if your business is PCI Compliant, contact your Network Security expert today.