Payment Card Industry Data Security Standard is an industry standard that is put into place to help protect your consumers credit card information. If your business stores, processes, or transmits credit card information you must be in compliance with this standard to maintain payment security.
PCI compliance is a continuous process and must meet several core requirements.
There are 12 requirements that must be met to be compliant.
- Install and maintain a firewall
- Do not use default passwords or security parameters
- Store only what you need
- Encrypt the transmission of cardholder data
- Keep an up to date antivirus
- Keep patch management up to date
- Restrict access to cardholder information to need to know only
- Use unique authentication for persons
- Restrict physical access to the data
- Monitor access to data
- Test regularly the security systems and processes
- Maintain an information security policy
InfoSecure is a Qualified Security Assessor who can perform on-site PCI DSS assessments. We can tell you if you are in compliance or not and then give you corrective actions on how you can become and remain compliant. A final report on compliance will be given to you to produce to your financial institution or payment card brand.