What does it mean to be PCI Compliant?
Any business that handles customer credit card information must comply with current Payment Card Industry (PCI) security standards or face penalties. The standards apply to any merchant that processes, stores or transmits card data. These regulations are administered by the PCI Security Standards Council, which was launched in 2006 by major card brands including Visa, MasterCard and Discover.
Whether your company has one employee or several hundred, you are required to conform to these regulations if you handle credit card information. Merchants are assigned a “Level” between 1 and 4 depending on the number of transactions they conduct per year. Compliance requirements differ between levels according to the risk involved, with Level 1 being the most stringent.
What happens if I don’t follow the Regulations?
PCI compliance is not mandated by local or national governments. It is a set of regulations created by credit card brands, so failing to follow the standards does not constitute a criminal offense. However, ignoring the regulations or failing to meet PCI compliance requirements can result in fines, audits and damage to your business’s reputation.
What is the Purpose of PCI Compliance in the First Place?
Ultimately, PCI regulations are designed to protect everyone involved in credit card transactions, including you and your customers. By following the regulations and conducting routine vulnerability scans, you can prevent security breaches that may compromise sensitive personal data. In the event of a security breach, merchants are required to inform customers who may have been affected by data theft.
It’s important to note that some security breaches can occur even if you follow all of the regulations to the letter. A breach of data does not necessarily mean that you did something wrong, although many breaches are preventable with basic security measures.
How can Matrix Help with PCI Compliance?
We are an experienced provider of Managed IT Services, including network and data security. Many of our clients are bound by the requirements set forth by the PCI council, so we can take this into account when providing IT support. Feel free to contact us if you have questions about how our services match up with the PCI requirements for your Merchant Level.