Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

What You Need to Know About PCI Compliance to Protect Your Contact Center Business

When I first made purchases on the internet, I worried if I was safe. Or, at least, protected. Would my information be secure? Could someone take all the money from my account? Am I responsible for the loss? Yet, today we all shop online. The fear has been replaced with total adoption. And, a false sense of security. Even recently, I’ve had my card information compromised. I’ve had the bank call to tell me they are canceling my card and sending a new one due to a known security risk. Alarmingly, 9 out of 10 large organizations suffered a security breach last year; can you afford to be one of them?

The Contact Center is often the hub for financial transactions. The transmittal, processing, and storage of payment transaction data carries with them an obligation for Payment Card Industry (PCI) Compliance. By ensuring your contact center is PCI DSS compliant, you are also protecting your business – both financially and legally. A single data breach is now estimated to cost a company $3 million on average. Damages to your reputation and perhaps the demise of your company could be more costly.

The Payment Card Industry Security Standards Council (PCI SSC) was formed in 2004 by Visa and Mastercard. It created a set of 12 mandatory rules designed to protect payment transaction data. If your business is processing card payments, you are affected by PCI DSS requirements.

The requirements are clearly stated. Every business that handles cardholder information must do so in a manner that secures and protects the data using the following 12 requirements.

  1. Install and maintain a secure firewall
  2. Use unique passwords (rather than defaults)
  3. Encrypt stored data
  4. Encrypt data during transmission
  5. Keep anti-virus software current and updated
  6. Regularly check systems and applications are secure
  7. Ensure access is restricted to only those who need it
  8. Make sure those with access have a unique user ID
  9. Ensure physical access to data is restricted and controlled
  10. Make sure access to network and data is tracked and monitored
  11. Regularly test security systems and incident response plans
  12. Have a clear information security policy

Adherence to these requirements will ensure PCI DSS compliance for your contact center. However, Pci Compliance doesn’t automatically reduce risk or increase security. PCI DSS compliance is not a legal requirement, yet it does ensure compliance with the Data Protection Act – protecting you legally should the worst happen.

If a system is compromised and the company is found not to be PCI DSS compliant, the business could face severe penalties, such as brand damage, lawsuits and legal costs, share price drop, job losses, insurance claims, regulator fines, higher banking fees, and potentially, the loss of ability to accept card payments.

A recent report from Verizon (Verizon 2017 Payment Security Report) revealed the following percentage of businesses that fail to maintain PCI compliance:

  • 57.1% of Hospitality businesses fail to maintain PCI compliance
  • 50.0% of Retailers fail to maintain PCI compliance
  • 40.9% of Financial Services businesses fail to maintain PCI compliance
  • 38.7% of IT companies fail to maintain PCI compliance

There is much to know. Have you reviewed your PCI DSS compliance? Are you protecting your business and your data? The Team at AVDS can help answer these questions and plot your course for compliance and peace of mind. You don’t have the time to let this one wait. Contact AVDS TODAY and speak with an expert data security consultant.

This post first appeared on AVDS, please read the originial post: here

Share the post

What You Need to Know About PCI Compliance to Protect Your Contact Center Business


Subscribe to Avds

Get updates delivered right to your inbox!

Thank you for your subscription