How tight your security needs to be depends on how many transactions you process annually. Merchants are grouped into levels ranging from 1 to 4 according to that transaction volume. A merchant with more than six million transactions per year needs an actual in-person assessment of their PCI compliance, carried out by a Qualified Security Assessor, also known as a QSA. If fewer transactions go through your establishment, you won't need a QSA to come in; you can assess the integrity of the network yourself using the PCI Self-Assessment Questionnaire, which you fill out and send in.
The questionnaire is a checklist: you go through the twelve requirements listed on it and answer yes or no to each one. If you answer no to one of them, then it's pretty obvious that the requirement isn't being met, and you are likely to get a visit from someone who doesn't look very happy. To avoid this, make sure that you are actually meeting all of the PCI standards. Keeping everything in pristine condition will ensure that you have minimal issues when dealing with compliance.
If you have any security weaknesses, you need to find a way to patch them so that you don't end up failing the examination. It's very important that everything be safe and sound when you transmit someone's credit card information. This is why your network needs an Approved Scanning Vendor (ASV), which will scan the network, tell you where all the weak spots are, and then recommend how to fix them. The report that is generated needs to be sent to the banks so that they can tell you whether you've done a thorough enough job or need to work out a few bugs and try again. You should know that if you handle more transactions than the average business, you are going to need to be validated constantly, and it could get rather irritating at times.
If you're unsure of how to become PCI compliant, you are in luck, because there are programs out there that will walk you through the entire process. You can be up and running in no time flat with these programs, and you will gain a better understanding of what it means to be PCI compliant.
It's not going to be easy, but having the ability to accept credit cards will mean a lot more people will be able to shop at your establishment. If you think about it, there are a lot of people these days who simply do not carry cash with them because frankly it's a security risk. It's a lot harder for someone to use a stolen debit card!