Gossamer Blog

PCI/DSS - The Future of Online Payment Security

June 8, 2009


It’s no secret that people are concerned about information security while doing business online. The Payment Card Industry Data Security Standard (PCI/DSS) is a list of protective, preemptive measures enforced within organisations which process credit card payments.

So, what does PCI/DSS have to do with you?


Well, if your site is handling credit card payments, your bank and payment provider will soon require PCI/DSS certification to continue accepting payments.

Additionally, PCI/DSS compliance gives you the peace of mind that comes with storing your customers’ credit card data on servers that have been configured to the highest industry security standards.

Why Be PCI/DSS Compliant?

  • It’s gaining traction within the security and hosting industries.
    • The PCI Security Standards Council is working to make PCI/DSS an industry standard.
    • PCI/DSS is set to be the hallmark of secure online vendors and credit card companies.
    • Working towards PCI/DSS compliance on your site now will put you ahead of the curve and at the forefront of server security.
  • It ensures that server activity is constantly monitored.
    • Compliance is not a one-time goal, and doesn’t just come straight out of the box.
    • As an ongoing process, PCI/DSS requires the full attention of knowledgeable and dedicated sysadmins.
  • It increases payment freedom.
    • Store credit card data on your own server.
    • Switch payment processors and payment systems without requiring your customers to resubmit credit card information.
    • Enjoy payment flexibility unavailable with certain payment providers: configure recurring subscription payments with a set expiry date, for example.

What Does PCI/DSS Consist Of?

The current PCI/DSS consists of 12 overarching compliance requirements, each of which has multiple sub-sections and technically specific details, totaling up to a 228-point checklist.


These requirements provide standards for firewalls, passwords, physical and remote server access, and other security concerns.

Visit Gossamer Host’s PCI/DSS page for a list of all 12 compliance requirements, or for further details on the current PCI/DSS (v1.2), visit the PCI/DSS website and read their Self Assessment Questionnaire.

PCI/DSS and Gossamer Host

As the above list indicates, PCI/DSS compliance is no small task, and requires significant and long-term collaboration between site admins and their hosting providers.

PCI/DSS compliance has become a key issue for Gossamer Host over the past year, starting with establishing it on the servers which run our own Gossamer sites.


We’re now happy to extend PCI/DSS service to Gossamer Host clients.

9 of the 12 PCI/DSS requirements come standard with any Gossamer Host hosting plan. For those who want the added security and customer confidence that comes with total PCI/DSS compliance, Gossamer Host’s systems administrators are specially trained in enforcing the remaining requirements and will be happy to work with you.

Feel free to contact us to discuss how we can help you ensure that your website is ready for the next generation of web security.


4 Responses to “PCI/DSS - The Future of Online Payment Security”

  1. Joseph Ponnou Says:

    Thank you for sharing and highlighting this all-important matter of PCI-DSS. The truth, however, is that the awareness level among merchants is still very low regarding PCI DSS and its benefits, making it a vital role for those of us in the industry to spread the word around.

    Keep up the good work.

  2. Element Payment Services Says:

    PCI Compliance is increasingly important, especially as card companies continue to increase fines and penalties for non-compliance. I agree with Joseph, merchant awareness is still lacking.

    We’ve devised a fun and informative tool that highlights PCI compliance. It’s called the PCI Compliance Quiz Widget and it’s a great test of PCI compliance knowledge. It’s also fully portable, allowing you to cut and paste the script so that you can then host it at your website or blog. Take the quiz and see if you’re “PCI Green” or a “PCI Guru.”

  3. Online Payment Updates from Around at Online Payment Dubai UAE | Mobile Payment Abu Dhabi Dubai UAE United Arab Emirates Says:

    [...] Gossamer Blog » PCI/DSS – The Future of Online Payment Security – PCI/DSS – The Future of Online Payment Security. June 8, 2009. pci-dss-gossamer-threads-title. It’s no secret that people are concerned about information security while doing business online. The Payment Card Industry Data Security … [...]

  4. Bishop Ricard Says:

    Thanks for providing such useful information regarding PCI security. As I have read from several sites that PCI DSS is a multifaceted security standard that includes requirements for security management, network architecture, software design, policies, procedures and other critical protective measures. This comprehensive standard is mainly designed to help organizations to protect customer account data safely.
    I want to know that with the help of this standard how we can monitor and test networks connected to our clients.
