Founded in 2006 by Visa, MasterCard, JCB International, American Express and Discover, the PCI Security Standards Council is a global organization that maintains standards for the Payment Card Industry. The PCI Security Standards Council helps ensure that cardholder data is kept secure all over the world. The companies above all share equally in the governance and execution of the Council’s work.
The PCI Security Standards Council helps merchants learn about and implement standards that protect their payment systems from theft and breaches of cardholder data. The organization allows vendors to identify and enforce rules that ensure more secure payment solutions.
All companies, no matter the size, should maintain compliance with the Payment Card Industry Data Security Standard or PCI DSS. This ensures that cardholder data is securely hosted by a compliant provider. With PCI DSS Compliance, consumers can rest assured that their credit card information is kept secure when performing actions online.
What does a PCI DSS Compliant merchant do?
Protect Cardholder Data
Companies can do this by not automatically storing cardholder data. There should also be multiple layers of defense to secure data. This might include physical protection, such as locked networking cabinets, and virtual security, such as user passwords and authentication, to keep sensitive data from prying eyes. Another way to protect data is to ensure that it is encrypted across open networks.
Monitor and Address Security Vulnerabilities
Merchants that are PCI DSS compliant use and update anti-virus programs on a regular basis. They also develop and maintain secure applications. Systems should be constantly monitored for security weaknesses, and alert systems should be in place to provide notification of vulnerabilities.
Limit Access to Sensitive Data
Access to sensitive data should be tracked and monitored. There should be systems in place that track user activities. One way to do this is to assign each person who has computer access a unique ID and password. These steps can help identify the cause of a security breach, should one occur. They can also help ensure that cardholder data is kept safe at all times.
Ensure Network Is Secure
One of the easiest and best ways to ensure network security is to install and maintain a firewall. A test procedure should also be in place to protect cardholder data and ensure a secure, private network. Companies must avoid using vendor-supplied passwords. Completely new and unique passwords should be created to help secure data.
Maintaining cardholder security is our top priority at Intiva Health. That is why we adhere to PCI/DSS rules and regulations. Although PCI DSS compliance isn’t mandated by federal law, we believe that it should be. We are committed to providing a secure environment for our customers, which is why we are PCI DSS compliant. This helps us ensure that your sensitive credit card data is kept out of the wrong hands. We provide that extra layer of security to keep your data safe and secure.