Could You Be Fined $500,000?
It used to be that only retail stores and restaurants accepted credit cards. My, how times have changed. Now, you can pay just about everyone - from your plumber to your attorney - with a credit card.
Do you accept credit cards?
With the added convenience of rapid payment comes the additional responsibility to maintain the security of your clients’ information. The rules governing the credit card world are known as the Payment Card Industry (PCI) Data Security Standard.
What are the rules?
Companies who accept credit cards must adhere to the following rules:
- Install and maintain a firewall configuration to protect data.
- Do not use vendor-supplied defaults for system passwords and other security parameters.
- Protect stored data.
- Encrypt transmission of cardholder data and sensitive information across public networks.
- Use and regularly update anti-virus software.
- Develop and maintain secure systems and applications.
- Restrict access to data by business need-to-know.
- Assign a unique I.D. to each person with computer access.
- Restrict physical access to cardholder data.
- Track and monitor all access to network resources and cardholder data.
- Regularly test security systems and processes.
As incidents of debit/credit card fraud and identity theft have become more prevalent, enforcement of the PCI standards has become more stringent. Failure to comply can result in higher processing fees, fines (up to $500,000), and/or loss of processing abilities. In fact, many merchant services firms (the companies who actually process the credit card payments) are now requiring a network scan to verify compliance prior to providing service.
Are you compliant?
The HelpDesk Company follows a series of Best Practices that provide the infrastructure security necessary. It’s critical that your company implement other Best Practices (such as secure passwords) to ensure total compliance. Not sure where you stand? Give Elizabeth a call at 804-282-2282 or click here to send her a message.