Major credit card issuers created PCI (Payment Card Industry) compliance standards to protect personal information and ensure security when transactions are processed using a payment card.
All members of the payment card industry (financial institutions, credit card companies and merchants) must comply with these standards if they plan on accepting credit cards. Failure to meet compliance standards can result in fines from credit card companies and banks and even the loss of the ability to process credit cards.
The first step in PCI compliance is to meet those standards. Credit card companies and financial institutions validate that vendors are abiding by the regulations, giving them ratings based on their volume of transactions. The rating that a company receives determines its validation process. Next month, we’ll take a look at the four validation ratings, and what each rating means to a company.
An SSAE 16 Type 2 (formerly SAS 70) Report is officially a "Report on management's description of a service organization's system and the suitability of the design and operating effectiveness of controls".
Most organizations have a number of information security controls. Without an ISMS, however, the controls tend to be disorganized and disjointed, often because they were implemented as point solutions to specific situations or simply as a matter of convention.
Security controls typically address certain aspects of IT or data security, leaving non-IT information assets (such as paperwork and proprietary knowledge) less well protected. Business continuity planning and physical security, for example, may be managed independently of IT or information security, while Human Resources practices may make little reference to the need to define and assign information security roles and responsibilities throughout the organization.