The Payment Card Industry Data Security Standard (PCI DSS) applies to companies of any size that accept credit card payments. If your company intends to accept card payment, and store, process or transmit cardholder data, you need to host your data securely with a PCI compliant hosting provider.
According to the Security Standards Council, there are 12 compliant requirements that meet a variety of security goals. These goals are: Building and maintaining a secure network, protecting card holder data, maintaining a vulnerability management program, implementing strong access control measures and maintaining an information security policy. Here's your guide to the four different levels of compliance as mandated by the major payment card brands, Visa and Mastercard, as well as action items for each.
Some business owners think that keeping up with PCI standards costs too much money and effort to be worth it. In fact, a security breach for a company of any size can have severe consequences. A small or medium sized merchant can face hundreds of thousands of dollars due to a security leak-and that is not all.
Level 3: Your company has 20,000 to 1 million Visa and/or Mastercard e-commerce transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and this level also requires a network scan with an approved scanning vendor. Level 4: You have less than 20,000 Visa and/or Mastercard e-commerce transactions processed per year. Must complete a Self-Assessment Questionnaire (SAQ) annually, and requires a network scan with an approved scanning vendor.
When you stay compliant, you are part of the solution - a united, global response to fighting payment card data compromise. Compliance has indirect benefits as well. Through your efforts to comply with Security Standards, you'll likely be better prepared to comply with other regulations as they come along, such as HIPAA, SOX, etc.
According to the Security Standards Council, there are 12 compliant requirements that meet a variety of security goals. These goals are: Building and maintaining a secure network, protecting card holder data, maintaining a vulnerability management program, implementing strong access control measures and maintaining an information security policy. Here's your guide to the four different levels of compliance as mandated by the major payment card brands, Visa and Mastercard, as well as action items for each.
Some business owners think that keeping up with PCI standards costs too much money and effort to be worth it. In fact, a security breach for a company of any size can have severe consequences. A small or medium sized merchant can face hundreds of thousands of dollars due to a security leak-and that is not all.
Level 3: Your company has 20,000 to 1 million Visa and/or Mastercard e-commerce transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and this level also requires a network scan with an approved scanning vendor. Level 4: You have less than 20,000 Visa and/or Mastercard e-commerce transactions processed per year. Must complete a Self-Assessment Questionnaire (SAQ) annually, and requires a network scan with an approved scanning vendor.
When you stay compliant, you are part of the solution - a united, global response to fighting payment card data compromise. Compliance has indirect benefits as well. Through your efforts to comply with Security Standards, you'll likely be better prepared to comply with other regulations as they come along, such as HIPAA, SOX, etc.
About the Author:
Learn more about the pci compliance standards. Stop by Kate Bailey's site where you can find out all about the payment card industry compliance standards and what they can do for you.
0 Comments