What is PCI DSS?
PCI DSS stands for the Payment Card Industry Data Security Standards, a set of protocols set by the major credit card providers outlining rules which must be adhered to when handling cardholder information. Any business processing card payments, regardless of size, is bound by these rules.
All merchants must adhere to the PCI DSS to be certified as PCI DSS compliant. The data security standards are set to ensure that all processes for taking, processing and storing credit card details are safe. Once the standards are adhered to, the merchant is deemed PCI DSS compliant.
What does PCI DSS compliance cover?
The PCI DSS cover a number of areas of your company’s systems and processes that may potentially be vulnerable to theft or misuse of data. The standards cover everything from your physical office security provisions and maintaining a secure network to implementing access control measures.
What happens if I am not PCI DSS Compliant?
Firstly, your customer data is at risk. If it is not adequately protected from theft, fraud and/or misuse, your customers' credit card data may be stolen and used fraudulently. In that event, not only will you have some very unhappy customers, but your brand image is also likely to suffer. Ultimately, for organisations that are not deemed PCI DSS compliant, the major credit card providers may impose fines, or even withdraw their services, leaving you unable to take payment from your customers by credit card.
How can Sanderson help me achieve PCI DSS Compliance?
The onus for compliance lies with your business. However, as one of the first PCI DSS accredited service providers in the UK, we have a wealth of experience in helping our customers achieve and maintain PCI DSS compliance. Here are just some of the ways we can help:
PCI ready solutions
All software solutions provided by Sanderson are PCI ready. This means that when you implement one of our solutions, the overheads of achieving PCI DSS compliance are greatly reduced. Implementing a PCI ready solution allows you to concentrate instead on securing your networks, internal policies and procedures.
PCI secure hosting
Sanderson offers a hosting service, where we house your servers in a secure datacentre which adheres to the latest PCI DSS requirements. This service removes the headache of safe storage, and of keeping abreast of any changes to the standards relating to hardware storage, as Sanderson is fully responsible for your physical server security.
Critical system protection
We offer this service to retailers to ensure that devices within your own store network are protected. This service also enables you to ensure that the systems supporting your EPoS estate are secure, and provides 24/7 system monitoring to not only achieve but also maintain PCI DSS compliance.
PCI specialist partners
Sanderson has long-established relationships with a number of specialist PCI companies with whom we work to ensure our customers receive the best advice and are able to achieve PCI DSS compliance in the fastest and most cost-effective way.
Call Sanderson on 0843 636 7221 to have your PCI DSS compliance questions answered and to get your business certified compliant.