PCI Compliance in Focus for Small Businesses

Recently, the U.S. Small Business Administration (SBA) compiled a report addressing some of the biggest threats to online security for small business owners.

“Small businesses are becoming a larger target for criminals seeking to access sensitive data because attackers are well aware that small businesses have limited resources or personnel dedicated to information system security,” the report reads.

Above all else, experts say, it’s vitally important for businesses with an online presence to ensure that they are using a PCI compliant vendor for processing consumer payments.

Given that 85% of all credit card-related security breaches occur at smaller companies, small businesses are compelled like never before to take responsible steps to protect customer privacy and financial data. In particular, this means going the extra mile to ensure that their merchant account details and equipment are PCI compliant.

Although the term “PCI compliant” is ubiquitous in the world of business today, few can actually explain what it means. So what is the PCI data security standard and why should you care about it?

The PCI Security Standards Council was formed in September 2006 by the five major credit card brands: Visa, MasterCard, American Express, Discover, and the Japanese Credit Bureau (JCB). Ever since, the Payment Card Industry (PCI) data security standard has played an integral part in shielding consumer payment card data from criminals.

The standard outlines a set of 12 specific requirements that cover six different goals. According to MyPCI.com, the goals include: (1) Build and Maintain a Secure Network; (2) Protect Cardholder Data; (3) Maintain a Vulnerability Management Program; (4) Implement Strong Access Control Measures; (5) Regularly Monitor and Test Networks; (6) Maintain an Information Security Policy.

Although it sounds like a lot to handle, your merchant service provider can be trusted to help ensure that you remain PCI compliant.

According to North American Bancard, a trusted provider of merchant services to more than 180,000 businesses in North America, a quality service provider “takes multiple steps to ensure that your business is PCI compliant.”

As NAB explains on its official blog, your merchant service provider takes care to continually update their terminal software (the software that your business uses in its pay terminals) so that they can easily remedy any compliance issues that may arise.

“They also employ a team of trained professionals, who are available 24/7, to help make sure that merchants and agents are PCI compliant. This means preventing errors and credit card fraud, saving both yourself and your customers a whole lot of potential headaches.”

Bob Russo, General Manager of the PCI Security Standards Council, believes that it has never been more important for business owners to learn more about PCI compliance and basic security practices. “Education is a big issue,” Russo asserts. “Some of the smaller merchants that just come into the business don’t really know what their responsibilities are with regard to handling credit cards.”