Credit Card Security
Accepting credit cards is convenient, but in today’s world of security breaches, it is more important than ever to be sure you are compliant with the rules regarding acceptance of credit cards for payment of your products or services.
If you process or store credit cards in any manner, you are required to comply with PCI DSS, or Payment Card Industry Data Security Standards. This is a set of LEGAL requirements you must abide by to maintain a secure environment. If you violate them, you will incur serious fines and fees.
Are you subject to them if you take credit card payments over the phone? Absolutely! If you have clients or customers that pay you directly by credit card, you’re subject to these laws.
Thinking you don’t process enough to matter or that “no one would want to hack us” is dangerous. All it takes is an employee writing down a credit card number in an e-mail or on a piece of paper to violate a law. You could incur legal fees and fines (as well as damage to your reputation) when you have to contact your clients to let them know you weren’t properly storing or handling their credit cards.
A great resource to determine if you are compliant is the PCI Security Standards Council, at www.pcisecuritystandards.org.
Getting compliant, or finding out if you ARE compliant, will require an assessment of your specific environment and how you handle credit card information.
Let us know if we can help!