Payment Card Industry – PCI Compliance

If you are running an e-commerce business, chances are you have heard about PCI compliance. The goal of PCI is to set security standards for safer online payments. The Payment Card Industry Security Standards Council developed a security standard called the Payment Card Industry Data Security Standard (PCI DSS) to be incorporated into the data security compliance programs of credit card issuers like MasterCard, Visa, American Express and many more.

If you accept online payments (that is, you collect, process and store credit card information), you are required to adhere to a set of standards set by the PCI Standards Council. Failure to adhere to PCI compliance might result in fines and penalties, legal costs, loss of customer confidence and revenue loss.

PCI compliance is a continuous process. As a business owner you need to continually assess your online payment process and analyze server vulnerabilities, remediate the vulnerabilities by applying security patches, and submit a quarterly scan report to the acquiring financial institution. Most of the PCI compliance requirements are common-sense security measures such as:

  • Configure and manage your firewall
  • Install an SSL certificate
  • Control and monitor the server/data access
  • Update the OS and antivirus regularly
  • Regularly test the servers and apply security patches as soon as they become available

To become PCI compliant you are required to go through an audit process. Many approved scanning vendors in the market will conduct the external vulnerability scanning service to validate that you meet the standards set by the PCI DSS.

At Cirrus Hosting we offer a wide range of services, including dedicated servers and public and private cloud, so you can customize a solution based on your requirements to host your sensitive financial information. Our data center in downtown Toronto is PCI compliant, and our knowledgeable technicians can help you through the challenging process of passing a vulnerability scan.