PCI/DSS – The Future of Online Payment Security
It’s no secret that people are concerned about information security while doing business online. The Payment Card Industry Data Security Standard is a list of protective, preemptive measures enforced within organisations that process credit card payments.
So, what does PCI/DSS have to do with you?
Well, if your site is handling credit card payments, your bank and payment provider will soon require PCI/DSS certification to continue accepting payments.
Additionally, PCI/DSS compliance gives you the peace of mind that comes with storing your customers’ credit card data on servers that have been configured to the highest industry security standards.
Why Be PCI/DSS Compliant?
- It’s gaining traction within the security and hosting industries.
  - The PCI Security Standards Council is working to make PCI/DSS an industry standard.
  - PCI/DSS is set to be the hallmark of secure online vendors and credit card companies.
  - Working towards PCI/DSS compliance on your site now will put you ahead of the curve and at the forefront of server security.
- It ensures that server activity is constantly monitored.
  - Compliance is not a one-time goal, and doesn’t just come straight out of the box.
  - As an ongoing process, PCI/DSS requires the full attention of knowledgeable and dedicated sysadmins.
- It increases payment freedom.
  - Store credit card data on your own server.
  - Switch payment processors and payment systems without requiring your customers to resubmit credit card information.
  - Enjoy payment flexibility unavailable with certain payment providers: configure recurring subscription payments with a set expiry date, for example.
What Does PCI/DSS Consist Of?
The current PCI/DSS consists of 12 overarching compliance requirements, each of which has multiple sub-sections and technically specific details, totaling up to a 228-point checklist.
These requirements provide standards for firewalls, passwords, physical and remote server access, and other security concerns.
Visit Gossamer Host’s PCI/DSS page for a list of all 12 compliance requirements, or for further details on the current PCI/DSS (v1.2), visit the PCI/DSS website and read their Self Assessment Questionnaire.
PCI/DSS and Gossamer Host
As the above list indicates, PCI/DSS compliance is no small task, and requires significant and long-term collaboration between site admins and their hosting providers.
We’re now happy to extend PCI/DSS service to Gossamer Host clients.
9 of the 12 PCI/DSS requirements come standard with any Gossamer Host hosting plan. For those who want the added security and customer confidence that comes with total PCI/DSS compliance, Gossamer Host’s systems administrators are specially trained in enforcing the remaining requirements and will be happy to work with you.
Feel free to contact us to discuss how we can help you ensure that your website is ready for the next generation of web security.