HTN: Hen's Teeth Network Blog

Running a PCI Compliant E-Commerce Site

Filed under: E-Commerce,Hosting — Art Zemon on April 26, 2009

PCI compliance is all the buzz these days. If you are a shopper, it means that your credit card number is well protected by every person, machine, and network that handles it.

If you are a merchant, PCI compliance means that you meet the requirements of the Payment Card Industry Data Security Standard (PCI DSS) for protecting the credit card numbers that are entered into your e-commerce web site or used in your brick-and-mortar store.

Here’s the good news:

  • If you are a shopper, you can feel a bit relieved that the credit card companies are doing things to protect you.
  • If you are a merchant, there are straightforward, well-understood ways in which you can bring your e-commerce site into compliance. We offer a PCI-compliant bundle of web hosting and PDG Commerce software.

What is PCI Compliance?

The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized.

Build and Maintain a Secure Network

  • Requirement 1: Install and maintain a firewall configuration to protect cardholder data
  • Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

  • Requirement 3: Protect stored cardholder data
  • Requirement 4: Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

  • Requirement 5: Use and regularly update anti-virus software
  • Requirement 6: Develop and maintain secure systems and applications

Implement Strong Access Control Measures

  • Requirement 7: Restrict access to cardholder data by business need-to-know
  • Requirement 8: Assign a unique ID to each person with computer access
  • Requirement 9: Restrict physical access to cardholder data

Regularly Monitor and Test Networks

  • Requirement 10: Track and monitor all access to network resources and cardholder data
  • Requirement 11: Regularly test security systems and processes

Maintain an Information Security Policy

  • Requirement 12: Maintain a policy that addresses information security
© Copyright 2001-2011 Hen's Teeth Network, Inc. All Rights Reserved.