
    Industry series: Why Proper Data Centers Are Crucial for Retail

    We are inching toward becoming a cashless society. In fact, 60% of transactions are now made with a credit or debit card. Pair that with services like Apple Pay, PayPal and Google Wallet, and paper money is likely to continue to decrease in popularity.

    That means your retail business relies on these digital payment methods to stay afloat. It also means you are at the mercy of PCI regulations that protect customer data.

    Of course, processing the influx of these noncash payments often requires the help of a data center. That’s why it is so valuable to understand the Payment Card Industry Data Security Standard’s (PCI DSS’) requirements.

    Here is a brief look at the basic requirements and importance of PCI in the retail data center:

    UNDERSTANDING PCI DSS

    Payments that happen online or are processed digitally are subject to the Payment Card Industry Data Security Standard, a set of regulations and requirements that were created with the protection of cardholder data in mind. Since 2005, all major credit card companies (Visa, AmEx, Discover, JCB, and MasterCard) have followed the standard set forth by the Payment Card Industry Council.

    Any merchant that accepts credit card payments is responsible for following PCI protocol, regardless of size or transaction volume. Still, those that handle a large volume of annual transactions are subject to more compliance checks and audits.

    At minimum, to remain compliant, merchants and retailers who process, store or transmit sensitive credit card data must:

    • Fill out thorough self-assessment questionnaires (SAQs).
    • Conduct regular security audits.
    • Hire an Approved Scanning Vendor (ASV) to assess website and server vulnerability.

    Additionally, retail merchants need to comply with 12 separate requirements in six individual categories.

    BUILD AND MAINTAIN A SECURE NETWORK

    • Requirement 1- Install and maintain a firewall.
    • Requirement 2- Do not use vendor-supplied defaults for system passwords or other security parameters.

    PROTECT CARDHOLDER DATA

    • Requirement 3- Protect stored cardholder data.
    • Requirement 4- Encrypt transmission of cardholder data across public networks.

    MAINTAIN A VULNERABILITY MANAGEMENT PROGRAM

    • Requirement 5- Protect all systems against malware and regularly update anti-virus programs.
    • Requirement 6- Develop and maintain secure systems and applications.

    IMPLEMENT STRONG ACCESS CONTROL MEASURES

    • Requirement 7- Restrict access to cardholder data by business need to know.
    • Requirement 8- Identify and authenticate access to system components.
    • Requirement 9- Restrict physical access to cardholder data.

    REGULARLY TEST AND MONITOR NETWORKS

    • Requirement 10- Track and monitor all access to network resources and cardholder data.
    • Requirement 11- Regularly test security systems and processes.

    MAINTAIN AN INFORMATION SECURITY POLICY

    • Requirement 12- Maintain an information security policy.

    WHY IS PCI COMPLIANCE SO IMPORTANT?

    Whether processing, storing or transmitting data, merchants can have their businesses practically ruined by failing to properly protect customer card data. With consequences ranging from loss of reputation to hefty fines, compliance is non-negotiable for retailers.

    The PCI Security Standards Council website explains in very plain language that, “If cardholder data is stolen – and it’s your fault – you could incur fines, penalties, even termination of the right to accept payment cards!”

    Following PCI standards secures your business’s longevity and lets customers shop with ease when making purchases in your brick-and-mortar or online store.

    In short, PCI non-compliance can result in more than just fines. While they alone may be enough to sink your business, there is virtually no coming back if you lose the trust of your customers.

    Need help to ensure you are PCI compliant? Our data centers are PCI compliant and audited. Contact us to find out how we can keep your retail business secure.
