Question

Explain the ethical standards in relation to storing credit card information on the network sever.

Answer 1

Explain the ethical standards in relation to storing credit card information on the network sever.

The Payment Card Industry Data Security Standards (PCI DSS) provides a rigorous security framework and best practices for Businesses that store, transmit or process credit card information.

The PCI DSS is a set of technical and operational requirements that govern modern payment processing. Businesses and organizations in the payments industry must achieve and maintain compliance, or they may become liable to consequences that include increased risk of data breaches, damage to brand reputation, heavy fines, and other sanctions.

Basic PCI Compliance Tips

1. About the new PCI Standards for new ways of building software

2. Perform scans as early as possible

3. Encrypt stored cardholder data

4. Use Neiwork Segmentation

Network segmentation is done by physically or virtually separating systems that store, process, or transmit card data from those that don’t.

5. Maintain the security of cardholder data while in transit

There are two times that security standards require organizations to provide cardholder sensitive data protection. First, you must undertake best efforts to safeguard cardholder data while stored on your network. Second, you must encrypt cardholder sensitive data when transmitting it across open, public networks. Encryption makes the data unreadable and unusable by cyber intruders who do not have the appropriate encryption keys. In addition, organizations must not save sensitive card validation codes or pin numbers after validation even if encrypted.

6. Qualified Security Assessors

7. Reduce the PCI scope of your environment

8. Choose the Best Payment Providers that maintain highest PCI

9. Always check your system and network vulnerabilities

10. Consult with QSA and Security professionals

11. Always monitor, track and test your network

12. Create a best workflow map for credit card transactions

13. Make sure to create a dedicated team to ensure PCI Compliance

14. Track and secure the cardholder

15. We need to use up to date SSL/TLS Certificates

16. Ensure that employees go through regular cybersecurity training sessions

17. Implement inbound and outbound network rules

18. Use a secure network

19. Develop an incident response plan

20. Utilize the Data Security Essentials

Companies can reduce their risk and streamline compliance by leveraging the right tools.