Today, nearly all businesses accept credit and debit cards as a form of payment. To protect your customers’ sensitive data, the payment card industry has developed a set of standards known as the Payment Card Industry Data Security Standard, or simply PCI-DSS. As a merchant, you must be compliant with the new PCI-DSS requirements by July 1, 2010 or risk losing your ability to process debit and credit card transactions. Let’s take a closer look.
Becoming PCI-DSS Compliant
Developed and enforced by the 5 major credit card networks, including Visa, MasterCard, JCB, American Express, and Discover, PCI-DSS requirements apply to all businesses that store, process, and transmit cardholder data. There are 12 requirements that fall into 6 categories as follows:
- Build and maintain a secure network - includes firewalls and passwords
- Protect cardholder data - data encryption and storage procedures
- Maintain a Vulnerability Management Program - anti-virus and operating system security
- Access Control Measures - covers both electronic and physical access and handling of sensitive data
- Monitoring and Testing Networks - schedule regular tests of security measures
- Information Security Policy - formalized security policy that’s updated and distributed regularly
There is a wealth of information and resources online to help ensure that you are compliant with the new PCI-DSS requirements by the July 1st deadline. In fact, Sage has developed a dedicated website for Sage Accpac (as well as MAS 90/MAS 500) customers at:
You’ll also find complete details on the official PCI Security Standard website at www.PciSecurityStandards.org.
The Lighter Side of PCI-DSS
Contact us and we’ll email you a FREE copy of the e-book “PCI Compliance for Dummies.”
This comprehensive e-book explains how to comply with PCI-DSS requirements, presented in plain English and in a light-hearted fashion.
Please be sure to contact us if you have specific questions about PCI-DSS compliance and your Sage Accpac system.