Achieving PCI DSS Compliance
By: Andy Eliason

  

The Payment Card Industry Data Security Standard, or PCI DSS, was created to encourage merchants who store, process, or transmit credit card data to implement a certain level of security. And by "encourage," of course, I mean "mandate." Merchants who fail to achieve PCI DSS compliance will be subject to steep fines and even the loss of the ability to accept credit cards at all.

So how do you go about achieving PCI DSS compliance? The PCI Security Standards Council has laid out 12 requirements that a merchant must conform to in order to be considered compliant. These requirements are as follows.

Install and maintain a firewall configuration
A firewall is a device that controls the traffic that is allowed into your system. Every system must be protected by a firewall and unauthorized access must be blocked. The firewall must be actively maintained to deter unwanted intrusions.

Do not use vendor-supplied defaults for system passwords
When you first install a system, chances are it comes with a standard list of passwords used to install and begin accessing that system. These need to be changed immediately because chances are they are well known in the hacker community and will be the first things attackers use when they attempt to gain access.

Protect stored cardholder data
This one seems obvious, but often companies don't do enough to ensure security. Data encryption is critical, and companies should even consider remote data storage as a viable option.

Encrypt transmission of cardholder data across open, public networks
If they can't get to it on your system, criminals could try to intercept sensitive information en route. But if you make sure the data is properly encrypted, you don't have much to worry about.

Use and regularly update anti-virus software
A daylight charge across the minefield isn't always the preferred way to get into a system, and criminal intrusions aren't the only threat to sensitive data. Viruses and other malicious programs can get into your system any number of ways, and the damage they do could be irreparable. Keeping updated defensive measures is critical.

Develop and maintain secure systems and applications
As patches are released to deal with known security issues in a program, you must make sure you have them properly installed and up-to-date.

Restrict access to cardholder data by business need-to-know
In reality, there are only a few people in any given company who need to have access to sensitive data. You must make sure that they are the only people who have legitimate access to it.

Assign a unique ID to each person with computer access
This allows only certain people with a certain ID to access credit card data. It also ensures that certain actions can be traced back to known and authorized users.

Restrict physical access to cardholder data
Again, there is very limited need for more than a few people to physically access sensitive data. By restricting access you can guard against people removing hardcopies or even entire systems.


Andy Eliason is a writer at Main10, Inc. If you'd like to learn more about PCI DSS compliance, or other data security storage options, visit Braintree Payment Solutions today.

Article Source: http://www.ArticleBiz.com

Copyright © 2008 by ArticleBiz.com. All rights reserved.
