PCI Compliance standards, otherwise known as the Payment Card Industry Compliance standards, were set up by a PCI council on Dec. 15th, 2004. These standards were put into place to protect an individual's credit and debit card information. As defined by the PCI Compliance Council, these standards were formed to decrease credit card fraud. The PCI Compliance standards are evaluated for all companies each year by a QSA (qualified security assessor). In September 2006, the PCI Compliance standard was updated to version 1.1.
The objective of PCI Compliance is to build and maintain a secure network. This is achieved by maintaining a highly active firewall to protect the cardholder's data. Passwords should be changed regularly, and default passwords as set by the company should not be used.
The PCI compliance standards affect all merchant organizations, no matter how many transactions they process. The PCI compliance council assigns businesses to different merchant levels. While these levels are based on how many transactions the company does, it is important to stress that no matter how many transactions are made, these standards and rules still apply. Higher level merchants, like merchant 4 or above, may have additional rules and regulations to follow. Any business that accepts or stores cardholder data must follow the PCI compliance standards. It is very important, so don't overlook it.
Cardholder data must be protected. Encryption of the transmission of cardholder data across open networks is very important. A vulnerability management program should be set up and maintained by the company. Antivirus software should be installed on all systems, and secure systems and applications should be maintained.
Fourthly, networks should be monitored and tested regularly. Tracking is a necessary measure that should be done. Fifthly, encrypt transmission of cardholder data across open, public networks. Lastly, an information security policy should be maintained. These are the sections of the PCI compliance standards.
About the Author:
Looking for the best advice about the PCI compliance standards? Visit www.trust-guard.com to find out all you need to know about the PCI compliance standards.