Saturday, July 14, 2012

Secure Your Documents with PCI Compliance

By Rhonda Benjamin


PCI Compliance applies to all merchant organizations that accept or store any cardholder data, regardless of the total number of transactions made. Whenever a customer makes a purchase under the name of the organization, PCI Compliance directly applies. Level 4 Merchants have to refer to their Merchant Bank for validation and deadlines. All deadlines are enforced by the merchant banks only.


PCI Compliance is required by all card brands. Its main purpose is to protect valuable information such as the PIN and card number. There are 6 main requirements for PCI Compliance, and a merchant must follow the rules. Firstly, the vendor or merchant must build and maintain a secure and reliable network. A firewall should be installed and properly maintained to protect the cardholder's data, and vendor-supplied default passwords should not be used. Secondly, a vulnerability management program should be maintained. Applications should be secured and properly maintained, and anti-virus programs should be updated regularly. Thirdly, strong access control measures should be implemented. Access to cardholder data should be restricted by business need-to-know, a unique ID should be assigned to each person, and physical access to cardholder data should be restricted. Fourthly, networks should be monitored and tested regularly. Tracking is a necessary measure that should be carried out. The transmission of cardholder data across open, public networks should be encrypted.

Some web hosting companies provide PCI Compliance as a service. When choosing a web hosting company that offers PCI Compliance, check what the company is actually providing. No matter what the web hosting company's PCI Compliance services are, e-commerce merchants still need to take some steps on their own. Maintaining a policy that addresses information security involves all company staff who have access to credit card data.

PCI Compliance applies to all merchant organizations that accept or store any cardholder data, regardless of the total number of transactions made. Whenever a customer makes a purchase under the name of the organization, PCI Compliance directly applies. All merchants that transmit or store a cardholder's data must be compliant. Level 4 Merchants have to refer to their Merchant Bank for validation and deadlines. All deadlines are enforced by the merchant banks only.



