If your business processes and stores credit cards, then you've probably already heard of PCI. PCI stands for payment card industry and refers to a proprietary information security standard for organizations that handle branded credit cards from the major card providers such as Visa, MasterCard, American Express, and Discover. It consists of a complex set of data standards that outline how credit card data can be used and stored. The objective is to keep consumers safe, but for most business owners compliance represents a big headache. You need a network security expert with specialized training in PCI compliance to help you ensure your data is secure. Read on below for some quick tips on how to be PCI compliant, and fill out the form to get in touch with a security expert who can help.
First Steps for PCI Compliance
Install and maintain a firewall configuration to protect cardholder data. Do not use vendor-supplied defaults for system passwords and other security parameters.
Protect stored cardholder data. Encrypt transmission of cardholder data across open, public networks.
Use and regularly update all anti-virus software programs. Develop and maintain secure systems and applications.
Control access to cardholder data on a need-to-know basis. Assign a unique username and password to each user on the network. Restrict physical access to cardholder data.
All access to the network should be restricted and monitored, especially access to cardholder data. Security and backups should be tested regularly.
External Vulnerability Scanning
Most businesses that need to be PCI compliant need to do external vulnerability scanning on a quarterly basis. They will also need to complete any remediation necessary as revealed by these scans.