PCI Compliance
The Payment Card Industry Data Security Standard
PCI Overview
As online commerce and financial transactions have increased in recent years, so have data theft, phishing attacks, and
hacking attempts. In an attempt to correct serious vulnerabilities in common online practices, and ensure a baseline of
financial security online for businesses, MasterCard and Visa jointly developed the Payment Card Industry Data Security
Standard (PCI DSS). This standard, backed by all major card vendors, applies to any company that transmits or processes
credit or debit card information. The joint standard requires that all online vendors who accept credit cards comply
with regulations that call for encrypted transmission of cardholder data, periodic network scans, logical and physical
access controls, and activity monitoring and logging.
The PCI DSS Standard Explained
The PCI Data Security Standard is broken into six specific parts, with a total of twelve overall requirements. Its
implementation requires the development and adoption of security policies, the use of various hardware and software to
ensure security, and the adaptation of existing systems to use these technologies. Today, all merchants, including electronic
commerce merchants, and service providers employing credit and debit card processing must comply with the PCI Data Security
Standard or face fines of up to $500,000 per incident of non-compliance.
Implementation
Because the standard is mandatory for online businesses, it is important to consider how these policies are
developed and implemented to achieve compliance. If efficiently enforced, the standard can offer additional peace of
mind and confidence to the consumer and vendor. INetU's hosting consultants can help with the implementation and
maintenance of systems to meet the required PCI DSS requirements.
