What is PCI-DSS and why should I care

What is PCI-DSS

PCI-DSS is the Payment Card Industry Data Security Standards, managed by the PCI-SSC (Payment Card Industry Security Standards Council). These standards define how information must be handled in order to protect your client’s information. As a merchant, PCI-DSS is defined as how that data must minimally be protected to meet compliance.

Why Should I Care

PCI-DSS provides a framework that provides Data Security protection for business and consumers. In 2013 there were several major reported breaches (See Another major data breach, 40 Million possibly affected and Time for a proactive approach to Security). Were these companies following minimum PCI-DSS Standards? More than likely, but again, that means the minimum requirements. If a breach can occur at the minimum level, imagine how much more at risk a company is if they don’t even have the minimum safeguards in place.

If you are a small business you should know that small businesses are key targets for data thieves. For one reason because many small business owners do not realize what is needed and how to protect their information making them easy target. For another, many small businesses don’t audit their environment making it is easy for a breach to go unnoticed.

Finally, did you know that IF cardholder information is breached and IF you are not following the compliance requirements you are responsible and can receive fines, fees, and even lose your right to accept payment cards from  your clients?

How do I get started

Need more information on how to Get Started? The PCI-SSC has released a number of excellent resources to get you started. You can also contact Mr. Schnardthorst at +1 636 866 0481 and setup a time to discuss your specific needs.