Small businesses that process credit card payments, either online or face to face, must be PCI compliant. This compliance process is to ensure that customers’ credit card details are kept in a safe environment. If customers’ credit card information is stolen from your business network, and your business is found to be non-compliant, not only will the business incur significant fines, but it will also suffer extremely bad publicity, which could lead to the demise of your business. After all, who will give their credit card details to a business where the information is not safeguarded?
Small business credit card PCI compliance requires adherence to the following:
- Firewall Configuration – Restricted connections between untrusted networks.
- Vendor defaults for system passwords and other security parameters must be replaced.
- Cardholder data must only be retained until authorisation of transaction – data must be destroyed in a secure manner.
- Cardholder data which is sent across open, public networks must be transmitted under encryption.
- Anti-virus software or programs must be installed on all systems and must be kept current with automatic updates and configured to run scans capable of generating audit logs.
- Develop and maintain secure systems and applications.
- Cardholder data must be restricted to business need-to-know.
- Unique user IDs must be assigned to only those who need access to the credit card data and should only be assigned based on job classification and function.
- Physical access within a business to credit card data needs to be restricted.
- Track and monitor all access to network resources and credit card data.
- Regular testing of security systems and processes is essential.
- A policy addressing information security for employees and contractors must be maintained.
It is essential for all small businesses that process credit card payments to adhere to the above requirements, to avoid incurring significant fines and bad publicity. The above list may appear daunting, but don’t despair. Eonvia specialises in helping with Irish small business credit card PCI compliance. We will walk you through everything your business needs, and help you implement and maintain the systems that are required. Call us today!