Changes to Expect with the Transition to PCI 4.0Â
When PCI DSS 4.0 is released, it will bring tighter controls, customized implementation, authentication, encryption, and testing frequency.
PCI 4.0 Demands Automated Security Measures
To comply with the new PCI 4.0 standards and in keeping with best practices, these are the tasks that should be automated.
What Non-Profits Need to Know About PCI ComplianceÂ
There are no exceptions for non-profits, but there are some helpful PCI compliance resources and steps we recommend.
What is a PCI RoC and Why Do You Need One?
Let’s get down to business! Today, we are answering all of your burning questions about the PCI RoC. What Does ‘RoC’ Stand for? Report on Compliance: the PCI RoC is the documentation that verifies a merchant’s compliance with PCI DSS. It is the single most important form of attestation, serving as proof to stakeholders outside …
Who is Liable for Your Website’s PCI Compliance?Â
PCI compliance is important for any business that does financial transactions on the Internet. Maintaining a secure environment for the financial records of your business’s customers is paramount. Not doing so could open your business up to being sued by customers if there is a security breach, and/or to fines by your credit card processor. If …
Who is Liable for Your Website’s PCI Compliance? Read More »
Alleviate Audit Anxiety with A Glossary Of PCI Terms
PCI terms can be confusing, especially when their acronyms are used without providing definitions or context clues. Understanding these terms is vital to ensuring that your company can pass required audits and meet compliance regulations. To help you better navigate the world of Information Technology (IT) audits and common terms, we have created a glossary …
Alleviate Audit Anxiety with A Glossary Of PCI Terms Read More »
IT Incident Response Plan: Key Steps to Implement
Nearly all organizations need an incident response plan. Security incidents are inevitable. The time to think about responding to an incident is NOT during the incident. Incidents are stressful, often chaotic (especially when you have no plan). A formally documented, incident response plan helps organizations identify, contain, and remediate security incidents. Key Components of Incident …
IT Incident Response Plan: Key Steps to Implement Read More »
PCI DSS SAQ Types: Which Type Is Right for Your Business?
Choosing the Right PCI-DSS Self-Assessment Questionnaire All merchants and service providers who either store, process, or transmit payment card information are required to be Compliant with the Payment Card Industry (PCI) Data Security Standards (DSS). Compliance aside, protecting your customers’ payment card information is imperative for customer retention and brand protection. But understanding the requirement …
PCI DSS SAQ Types: Which Type Is Right for Your Business? Read More »
PCI Non Compliance Fines & Consequences
Being in compliance with PCI requirements is extremely important to your business. It isn’t just something that you can ignore. Not only are you taking a big chance that your business can experience a catastrophic data breach if you are not in compliance, your business will face negative publicity, as well as some very real …
An Important Question in Online Payments: Is PayPal PCI DSS Compliant?
Even if you or your business have never interacted with PayPal, you probably have at least a passing familiarity with the online payment giant. One of the most important things you need to know for your organization, regarding PayPal, is whether or not it is PCI DSS compliant. The short answer to that question is …
An Important Question in Online Payments: Is PayPal PCI DSS Compliant? Read More »
A Guide to Keeping Phone Orders PCI Compliant
If you accept payment cards through any transaction channel, you are bound to be compliant with the Payment Card Industry Data Security Standards or PCI DSS. To begin with – let’s talk about what we mean when we talk about the transaction channel. If you take payment card information over the internet, we would consider …
I.S. Partners, LLC Certified as a Qualified Security Assessor to Perform PCI-DSS
CPA firm IS Partners, LLC, one of the nation’s premier internal controls attestation firms, is pleased to announce that it is now certified as a Qualified Security Assessor (QSA) to perform Payment Card Industry Data Security Standard (PCI-DSS) audits. John DeCesare, CEO & Founder, stated, “Because of our vast knowledge and expertise in the internal …
I.S. Partners, LLC Certified as a Qualified Security Assessor to Perform PCI-DSS Read More »
