PCI Free Blog

PCI Compliance Coincides with Basic Network Security

If you read my blog last week, you know I've been complaining about merchants who complain that becoming PCI compliant and maintaining their PCI compliance is too hard. To be fair, I am usually writing from the perspective of the typical small business, since small businesses tend to be not only the most numerous group, but also the least concerned and informed about the purpose of the PCI DSS. This seems strange, since small businesses are a favorite target of hackers and thieves for this very reason. Small businesses are more vulnerable and easier to breach because the owners think they are under the radar.

Some large businesses do have quite a bit of upgrading to do, depending on their degree of reliance on computer databases to conduct business and the size of their network, but only if they have been very lax over the last few years about keeping pace with current computer security software and equipment. Businesses operating on a large scale that accept credit cards should have an IT professional employed to maintain and upgrade the network as needed. Trained IT professionals should already have the knowledge and expertise they need to protect your network. As long as they are vigilant about network security and update virus protection software regularly, you are probably already PCI compliant as a matter of course, since computer security was important long before PCI compliance became mandatory.

I have to admit even I have trouble understanding the lengthier SAQs for businesses that electronically store cardholder information as a necessary aspect of the business, but then I'm not a trained IT professional. Filling out one of these highly technical SAQs falls under the purview of your computer network engineer or general IT technician, and the questionnaire is written in a language he or she will understand.

PCI compliance is essential both for your business and the overall integrity of the entire electronic payments system.  Go to our home page to find out how your company can become PCI compliant absolutely free.
