Network PCI Compliance

PCI Compliance

Does Network PCI Compliance ensure security? The answer is, "Not necessarily."

The ever-growing number of recent accounts of highly publicized data breaches at seemingly PCI (Payment Card Industry) compliant and protected companies reveals just how critical it is to become as knowledgeable and properly protected as possible.

Payment card information is an extremely high-profile and highly targeted medium, and the tactics of cybercriminals are becoming more and more sophisticated and advanced.

No organization is ever entirely secure, but with the proper defense technologies, businesses can greatly reduce their risk and vulnerability and make it much more difficult for cybercriminals to breach their private networks and data.

To ensure network PCI compliance, you must:
1. Maintain an Information Security Policy
    • Maintain a policy that addresses information security
2. Build and Maintain a Secure Network
    • Install and maintain a firewall configuration to protect cardholder data
    • Do not use vendor-supplied defaults for system passwords and other security parameters
3. Maintain a Vulnerability Management Program
    • Use and regularly update anti-virus software
    • Develop and maintain secure systems and applications
4. Regularly Monitor and Test Networks
    • Track and monitor all access to network resources and cardholder data
    • Regularly test security systems and processes
5. Protect Cardholder Data
    • Protect all cardholder information that you store
    • Encrypt the transmission of cardholder data across public networks
6. Implement Strong Employee Access Control Measures
    • Restrict employee access to cardholder data unless their work role requires access to it
    • Assign a unique ID to each person with computer access
    • Restrict physical access to cardholder data

What are the consequences to my business if I don’t comply with the PCI DSS?
Failure to ensure network PCI compliance can have serious consequences for your business, your customers, and your financial institution, especially should the data become compromised.

At InfoSight, our security experts can help you ensure network PCI compliance by helping you develop a robust security framework from which your business operates. Contact us today.

Complementary Services
IT Audit / Compliance Assurance Program
IT Risk Assessment
Enterprise Risk Management