dcsimg

Demonstrate your PCI DSS compliance with by completing an SAQ

Organisations that accept card payments are responsible for the security of customers’ payment information and must comply with the PCI DSS (Payment Card Industry Data Security Standard).  Compliance will be a lengthy process for some, but organisations that handle fewer than six million transactions annually can speed up the process by completing an SAQ (self-assessment questionnaire).  There … [Read more...]

A compliance checklist for the 12 requirements of the PCI DSS

Any organisation that stores, processes or transmits payment card data must comply with the PCI DSS (Payment Card Industry Data Security Standard).  The Standard contains 12 requirements, which we’ll run through in this blog along with an overview of the steps you should complete to meet each one.   1. Install and maintain a firewall configuration to protect cardholder data Firewalls control … [Read more...]

Having trouble complying with the PCI DSS? Here are some tips

Keeping cardholder data secure can be incredibly difficult, but have you tried… not storing so much information? You’d be surprised at how effective that apparently flippant advice is. Organisations often store more information than they need, making security trickier than it should be. Take primary account numbers (PANS). This information is needed far less other than cardholders’ names and card … [Read more...]

PCI DSS dissected: Reducing your cardholder data environment

The requirements of the Payment Card Industry Data Security Standard (PCI DSS) should be considered the starting point of security. The Standard doesn’t cover everything that organisations can do to protect payment card data, but it does cover everything that they should do, such as put in place the appropriate procedures, policies and work practices. Still, many organisations don’t see the PCI … [Read more...]