PCI Compliance
Payment Card Industry (PCI) compliance governs the acceptance of credit cards. Business owners who accept credit cards, or wish to accept them, must be PCI compliant. There are many rules and regulations regarding the acceptance of credit cards, so it can be confusing for business owners. Thankfully, TokenEx can help you simplify the compliance process. Beyond that, a PCI compliance checklist outlines the dos and don’ts for business owners when dealing with PCI compliance. Business owners should take note of the following items to ensure constant protection of sensitive data.
Things to Do
- Keep your anti-virus software up to date and maintain your firewall
- Monitor and test any systems and/or networks that contain credit card data
- Restrict access to credit card information to only necessary employees
- Any employee with access to credit card information should be assigned a password that is complex and changed frequently
- Encrypt credit card information when necessary
- If information is outsourced, verify that the third-party company is PCI compliant
- Test for programming vulnerabilities
- Keep all computers on the system updated with the latest patches, updates and other essential software to keep data safe
Things to Avoid
- Do not store unnecessary data after payment authorization (magnetic stripe data or the three-digit value on the back of some credit cards)
- Do not store credit card information in plain text format
- Never use default passwords or vendor-supplied passwords; always change passwords frequently and keep them complex
- Do not allow constant access from remote-access applications
While there are many other rules and regulations regarding PCI compliance, business owners can help ensure security by starting with this list. It is the responsibility of the business owner to keep credit card information secure and protect their customers from breaches of security. Taking the time to monitor computer systems and remembering the “little things”, like changing passwords, can save a consumer from identity theft or worse.
If you have any questions, please send us a message using our Contact Us form.