IT Security Tip #16: A WARNING if you handle, process or store client credit cards

Quick Tip: Handle credit card data with utmost security… or else!

Why? If you handle, process or store credit cards in any manner, you are required to comply with PCI DSS, or Payment Card Industry Data Security Standards. This is a set of LEGAL requirements you must abide by to maintain a secure environment. If you violate them, you will incur serious fines and fees.

Are you subject to them if you take credit card payments over the phone? Absolutely! If you have clients that pay you directly by credit card, you’re subject to these laws. There are various levels of security standards, but thinking you don’t process enough to matter or that “no one would want to hack us” is dangerous. All it takes to violate a law is an employee writing down a credit card number in an e-mail or on a piece of paper; then you’ll be left with legal fees, fines and the reputation damage incurred when you have to contact your clients to let them know you weren’t properly storing or handling their credit cards.

Getting compliant – or finding out if you ARE compliant – isn’t a simple matter we can outline in a 1-2-3-step checklist. It requires an assessment of your specific environment and how you handle credit card information. If you'd like help with this, give us a call today.

P.S. If you haven't started using a new "chip"-based card for either work or personal use, we encourage you to do so. They are more secure than the "magnetic stripe" style cards because of enhanced encryption and authentication algorithms.