Credit-Card Security: External Resources
As we get into the busy holiday season, it is important to remember the resources available to help you mitigate the increased risk of credit-card fraud. If you have questions about how to secure your credit-card transactions, you should know where to turn for advice. Let’s look at a few resources:
1. Qualified Security Assessors: They are put through a stringent training and testing protocol to ensure they have the most up-to-date knowledge of the complexities of the payment environment and every facet of the PCI Security Standards Council’s guidelines.
2. Approved Scan Vendor: Most organizations need to have a quarterly scan of their computer networks performed by an ASV. This scan helps look for holes or vulnerabilities in your IT system.
3. Acquiring Banks: More businesses should involve their acquiring banks (the bank that allows you to process card transactions) in their security process. They have a lot of incentive to help you in your PCI compliance journey, and they have seen a multitude of different ways to meet the rigors of organizational security.
4. Vendors: It is important to remember there are no silver bullets to security. Seek partnerships with vendors that can add value beyond technology solutions, with practical advice and case studies of those who have faced similar challenges.
5. Payment-Card Brands: Each brand has educational resources, and many are catered to your size or type of business.
6. PCI Security Standards Council: The council does a lot more than simply define the standards—it also provides key informational supplements and educational documents that address specific challenges which other organizations have helped to create. There’s also a searchable FAQ on our Web site that brings up relevant answers as you type your security questions.
Bob Russo General Manager PCI Security Standards Council Wakefield, Mass.