HTN: Hen's Teeth Network Blog

March 2009

Filed under: Newsletters — Candy Zemon on March 2, 2009

Leverage Leaders for Your Site’s Success

PCI Compliance “Opportunities”
When Visa takes an interest in your web site, you get to improve security.

PCI’s comin’, hide your heart, girl
(Forgive me, Three Dog Night, for perverting your lyrics.)


If you accept credit cards or debit cards as payment, process fewer than 20,000 transactions per year, and have an e-commerce web site, then Visa, MasterCard, and the rest of the Payment Card Industry (PCI) have a surprise for you. More and more merchants are being asked to prove that their web sites are “PCI compliant.” The intentions are all good: improve security throughout the credit card processing landscape to decrease the risks from credit card theft and fraud. The realities, especially for a small business, can be daunting and confusing, but this article may help.

One of these days, you will get a letter from your merchant account provider (the company which processes credit card payments for you) which instructs you to submit a “PCI Compliance Report” for your web site. It may be strongly worded and will probably wield the Big Stick: comply or forget about accepting credit cards. New merchants, those just opening their e-commerce sites, are likely to get hit with this requirement sooner than established merchants.
Don’t panic!
Satisfying this demand from your merchant bank is just another hoop for you to jump through, kind of like paying taxes. Though the process looks overly complex to the uninitiated, it is well understood and you can easily satisfy the requirements. (OK, I’ll admit it. The process is overly complex, but so are taxes. But you can still easily satisfy the requirements.)
In bringing your web site into PCI compliance, you will address three broad areas. 1) You will assure that your web site and e-commerce software are securely configured. 2) You will assure that your web site and computer network are not vulnerable to attack from outside. 3) You will examine and possibly revise your business practices to assure that you securely handle any sensitive credit card data. This article is not a complete guide but it should help to demystify the process.
To assure that your web site and e-commerce software are securely configured, you should start with a web hosting account which can be configured to be PCI compliant (many cannot). Second, you should work with your webmaster or e-commerce consultant to assure that your web hosting account remains in compliance. New bugs are found in software every day and patched versions of the software are released just as frequently. Your web site will need regular attention to remain PCI compliant. Our Virtual Private Servers can be configured and maintained as PCI compliant hosting platforms.
Securing your e-commerce software will be much easier if you choose an application which is PA-DSS certified (f/k/a PABP certified). Visa implemented five mandates on January 1, 2008, the third of which states that as of October 1, 2008, “Newly boarded Level 3 and 4 merchants [those processing less than 1,000,000 transactions per year] must be PCI DSS compliant or use PA-DSS-compliant applications.” We recommend PDG Commerce for e-commerce web sites. PDG Commerce version 5, due out very shortly, will be PA-DSS compliant.
Once you have secured your hosting account and e-commerce application, you will have an Approved Scanning Vendor conduct an External Vulnerability Scan of your web site. This scan will confirm that your hosting account and e-commerce software comply with the PCI Security Standards Council’s requirements regarding defense from attacks over the internet. When your site passes the scan, you will receive a PCI Compliance Report which you can forward to your merchant bank. We recommend the McAfee SECURE PCI Certification Service. It is cost effective and provides excellent documentation on any problems it finds and clear suggestions for resolving the issues.
Finally, your merchant bank may ask you to “self-certify” that you comply with most or all of the rest of the PCI-DSS (Payment Card Industry Data Security Standard). This is the point at which you may need to modify your business practices to, for instance, never store the CVV2 number (the three digit number from the back of the Visa card).
For additional information, see the Hen’s Teeth Network PCI Compliance page and visit the Payment Card Industry Security Standards Council web site.

Proud of Our Hosting Supplier
Verio Wins Big: Web Host of the Decade

(This piece first appeared as a posting from Art Zemon in our blog. Drop by the blog for more viewpoints and information from every HTN staff member.)

If you have a web site, reliability is one of your primary concerns. Your customers should always have a great experience when visiting your site. You should always be able to check your email when you want to. We share that priority and do everything possible to assure that your web site and email are up, if not always, at least all of the time when you and your customers are awake. We seem to be doing pretty well with this and I want to share a few stories with you:

Last week, a client whose web site is currently with a competing hosting company (hint: they advertise on TV during the Superbowl) tried one of our Signature Hosting accounts and, within just a few hours, wrote to me:

Holy cow!
Check out http://www.attheotherhostingcompany.com/ vs. http://www.evaluationsignatureaccount.com/
Amazing difference.

I have had a similar reaction from everybody who has tried our hosting accounts after being elsewhere. This guy was simply more succinct.

Yesterday, another customer thanked me on the phone for a full year of up-time. I did not know how to respond to that since I expect to have a full year of up-time, not just on his account but on all of our accounts.

I selected Verio as our hosting provider in the summer of 2002 and have never regretted it. Because of that choice, Hen’s Teeth Network’s hosting clients have exceptionally reliable hosting. HostReview shares my high opinion of Verio, having just awarded Verio both Web Host of the Decade and Best Web Hosting Company of 2008.

Verio: Web Host of the Decade

For the period 1998-2009, which covers both the existence of HostReview and the mainstream worldwide web, there are a few select companies that define web hosting–the industry which essentially powers the web. These companies are the driving force behind innovation and reliability standards in web hosting. Based on our decade-long service to the industry, we are honored to present the companies we consider to be the Web Hosts of the Decade…. Founded in 1996 as a consolidation of over 200 smaller ISPs, today Verio is a large company which offers economies of scale and a company culture of excellence to its customers. Verio’s dynamic corporate history has seen acquisitions and shifts of focus, but the company’s dedication to quality service has remained a constant.

Verio: Best Hosting Company of 2008

The Best Web Hosting Awards are based on the overall performance of the selected companies. This includes the plans, prices, uptime, guarantee and customer support, as well as the web hosting reviews over the year and the online presence of the companies…. Verio is the leader in providing online business solutions to SMBs worldwide. Distributed through its global network of viaVerio channel partners, Verio’s solutions provide hosting, applications and managed services that enable SMBs to drive online success.

Hen’s Teeth Network is a viaVerio Gold Partner so that, even in today’s uncertain economy, you don’t have to worry about your hosting.

Load Your Products into Google

When folks use their favorite search engine to look for stuff they want to research or learn about or buy, do they have a good chance of seeing your business? Google, certainly among the leading search engines folks use, has tools you can leverage to get your information into Google’s databases. Google Product Search, formerly known as Froogle and now known as Google Base, is one of them.

Version 3.2 of Profits Plus has the latest Google Base data feed and Google sitemap configuration as one of its modules. Buy Profits Plus before April 30, 2009 and we will include the configuration for this module, so that your site’s Google sitemap is produced and your products are fed to the Google Base data feed on a regular basis.

If you already have an earlier version of Profits Plus, there is an upgrade path available. Contact us before April 20, 2009 to arrange for us to upgrade your site and we will include the Google-related configurations at no extra cost above our upgrade fee of $80. If you prefer to manage the upgrade installation and configuration yourself, we will arrange access for you to download the kit.

Don’t miss this opportunity to leverage the power of Google visibility for your products and your store!

Help is Just a Click or a Call Away

Did you know that there are several ways to get help from Hen’s Teeth Network? You can visit our on-line helpdesk to read KnowledgeBase articles and submit technical support tickets. You can send a message to support@hens-teeth.net. And you can telephone us at either (866)HENS-NET (that number is toll free in the US and Canada) or at (636)447-3030. If you call, press “1” for technical support. We will be glad to help you.

© Copyright 2001-2009 Hen's Teeth Network, Inc. All Rights Reserved.