PCI Compliance Standards Must Be Followed
PCI Compliance standards, otherwise known as the Payment Card Industry Compliance standards, were set up by a PCI council on Dec. 15th, 2004. These standards were put in place to protect an individual's credit and debit card information. As defined by the PCI Compliance Council, they were formed to decrease credit card fraud. The PCI Compliance standards are evaluated for all companies each year by a QSA (qualified security assessor). In September 2006, the PCI Compliance standard was updated to version 1.1.
The objective of PCI Compliance is to build and maintain a secure network. This is done by maintaining a highly active firewall to protect the cardholder's data. Passwords should be changed regularly, and default passwords as set by the company should not be used. There are six sections to the standards, and companies need to review and maintain them on a regular basis to avoid fines.
The PCI Compliance standards affect all merchant organizations, no matter how many transactions they process. The PCI Compliance Council assigns businesses to different merchant levels. While these levels are based on how many transactions the company does, it is important to stress that no matter how many transactions are made, these standards and rules still apply. Higher level merchants, like merchant 4 or above, may have additional rules and regulations to follow. Any business that accepts or stores cardholder data must follow the PCI Compliance standards. It is very important, so don't overlook it.
Physical access to cardholder data should be restricted. All cardholder data needs to be kept safe and secure. Networks should be properly tested and monitored on an ongoing basis. All access to network resources and cardholder data also needs to be tracked and monitored. Security systems need to be tested properly and frequently.
Fourthly, networks should be monitored and tested regularly. Tracking is a necessary measure that should be done. Fifthly, encrypt transmission of cardholder data across open, public networks. Lastly, an information security policy should be maintained. These sections of the PCI Compliance standards are very important and should be reviewed and followed by all businesses on a regular basis. You don't want the fines that are associated with non-compliance, so you should be aware.
About the Author:
Learn more about the PCI Compliance standards. Stop by Josie Lynn's site where you can find out all about PCI compliance and how it can help you.