Are you risking $100,000 a month in fines?
One of the least understood aspects of PCI DSS compliance is that fines for non-compliance range from $5,000 to $100,000 per month. Additionally, a recent survey showed that 69% of consumers are less inclined to do business with a breached organization. While there are many reasons why a business should make PCI compliance a priority, roughly 80% of organizations are still not PCI compliant.
PCI compliance is a set of standards and guidelines for companies to manage and secure credit card-related personal data. The major credit card companies – Visa, Mastercard, and American Express – established Payment Card Industry Data Security Standards (PCI DSS) guidelines in 2006 to protect credit card data from theft and fraud.
Staley Technologies is here to take the stress out of PCI while protecting you and your customers.
80% of organizations are still not PCI compliant. Source: GoAnywhere.com (8 Shocking PCI compliance Statistics)
12 General Requirements of PCI:
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open, public networks
- Use and regularly update anti-virus software or programs
- Develop and maintain secure systems and applications
- Restrict access to cardholder data by business need to know
- Assign a unique ID to each person with computer access
- Restrict physical access to cardholder data
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
- Maintain a policy that addresses information security for all personnel
4 Steps to PCI Compliance
- Know your requirements - Depending on your business, the level of requirements changes.
- Map your data flows - Before you can protect card data, you need to know where it lives and how it gets there.
- Check Security Controls and Protocols - Work with IT and security teams to ensure the right security configurations and protocols are in place.
- Monitor and Maintain - Staying PCI compliant is an ongoing process.