This is the second of three related posts educating our readers about the challenges they face when accepting credit or debit payment cards. If you have not read our first post on this subject, we invite you to do so now by clicking here.
We Care About Your Business and Its Security
As an Information Technology expert in Bay County and the Florida Panhandle, we strive to pass on information that is useful – even critical – to the welfare of our clients, friends, and neighbors. We believe credit card compliance is an important topic.
Why Payment Card Security Matters
The theft of cardholder data affects everyone. Customers’ personal credit can be affected, and merchants and financial institutions lose credibility and business. In addition, both merchants and financial institutions can be subject to numerous and varied financial liabilities and associated litigation.
Prevent the Theft of Your Customers’ Cardholder Data
The best assurance of protecting your customers and their payment card data is to remain in compliance by continuously monitoring and enforcing the use of controls specified in the PCI Data Security Standard. The PCI Security Standards Council does not enforce compliance; this is done by individual payment brands or acquiring banks. Following the PCI Security Standard is just good business.
What Is the Standard?
The PCI Security Standard process works like this:
- Scoping and Assessment: Scoping involves identifying all of your system components that are located within or connected to the cardholder data environment. While this can be a self-assessment, it’s recommended businesses work with an expert to perform an on-site Security Standard Assessment. This process identifies cardholder data, includes an inventory of IT assets and business processes for payment card processing, and provides an analysis of vulnerabilities.
- Remediation: The results of the previous assessment will help develop a plan to address found vulnerabilities, allowing your business to allocate resources and set a timeline to ensure the issues are fixed or eliminated.
- Reporting: A report is compiled and submitted to each appropriate acquiring bank and/or card brand.
- Ongoing Monitoring and Assessments: Security and compliance are not one-time projects you can simply check off the “to do” list. Since your business is always changing – business processes, new products/services, replacing technology, employee turnover – and the bad guys are always looking for ways to steal your data, you should schedule continuous reviews of your compliance. This will ensure the changes you are making are working and help you uncover any new risks that may appear in your business.
Garner IT Consulting Can Help
As an experienced IT Consultant, Garner IT Consulting can lead you through a clear, efficient, and cost-effective process that will keep your business compliant with the payment card standards and various credit card companies. We can minimize risk and maximize your business’s security. This investment typically also leads to significant increases in business productivity for you. Just give us a call at 850.250.3210 or drop by our offices at 1330 Harrison Avenue, Panama City/Bay County, Florida. As always, we promise you a warm welcome and we’ll listen carefully as you describe your business IT needs.
Look for our third and final post on this subject coming soon!
Best wishes, Randall and Julie Garner and the entire team of Garner IT professionals.