PCI Compliance and You

What do you think about this article? Rate it using the stars above and let us know what you think in the comments below.
When one thinks of the term PCI, they probably think of the computer term. There is actually another valid use for the term PCI, which is Payment Card Industry. A payment card is a credit or debit card, and naturally, there is a system in place to make sure that all of the transactions go through smoothly. Essentially the PCI Security Standards Council puts into effect a set of standards for merchants that use credit cards in their business. Sadly, there is a reason for this type of security. The saying goes that ''They wouldn't say it unless someone had done it.'' People need their information to be protected, and PCI makes sure that this is done, saving you money as well as time.

All merchants no matter how big or small need to comply with the PCI standards if they're going to take credit cards, and that means they need to do a few things:


The network needs to be rather secure, this means there needs to be a firewall in place so that no one from the outside can break in (easily) and see the cardholder data that is being processed. When you set up a firewall, you also need to make sure that you don't use stock passwords. This means that if you acquire a router with a default password, you're going to need to change it to make it more secure. Most would suggest using a password generator that creates a sequence of random numbers and letters.

It is equally important to make sure that you encrypt the cardholder data so that it cannot be deciphered as it leaves your network and goes across public networks on the way to its destination.


All computers are vulnerable to viruses, you need to make sure that your system has a decent and up to date anti-virus program installed to protect from malicious software. You also need to make sure that your systems and applications are completely secure.

Access Control:

Everything should be need-to-know; information regarding cardholders should not be shared with anyone unless there is some burning need. You should also make sure that everyone who uses the computers has a unique ID so that you know who was having access at what time.

Monitoring and Testing:

All activity on the network needs to be monitored at all times, that way it is well known who was doing what, and on top of that regular tests should be run to make sure that the network is still capable of fending off attacks, and that nothing has been tampered with.


Make sure that everyone knows the security protocols, and write up a policy explaining how everything works, and how everything is to be done. Make sure that your policy is in writing and that everyone is exposed to it.

Those are the steps that need to be taken to ensure the security of cardholder information. It may seem to be a bit much, but when you think about it, you want your information kept secure because you could end up losing money if your information is leaked.
If this article has helped you in some way, will you say thanks by sharing it through a share, like, a link, or an email to someone you think would appreciate the reference.

Popular tags:

 router  merchants  firewall  lawsuits  credit cards  payment card  debit cards  payment card industry  offices  authors

EmploymentCrossing provides an excellent service. I have recommended the website to many people..
Laurie H - Dallas, TX
  • All we do is research jobs.
  • Our team of researchers, programmers, and analysts find you jobs from over 1,000 career pages and other sources
  • Our members get more interviews and jobs than people who use "public job boards"
Shoot for the moon. Even if you miss it, you will land among the stars.
ComplianceCrossing - #1 Job Aggregation and Private Job-Opening Research Service — The Most Quality Jobs Anywhere
ComplianceCrossing is the first job consolidation service in the employment industry to seek to include every job that exists in the world.
Copyright © 2023 ComplianceCrossing - All rights reserved. 169