I probably should have known what PCI DSS was before researching it recently. I give myself some slack when it comes to web hosting terms, as I am the “marketing guy” and still new to the industry. However, PCI DSS is closer to a general business term than a hosting term, so I can’t really cut myself slack in that respect.

PCI stands for Payment Card Industry. This is a general term for all of the companies that issue credit cards, debit cards and ATM cards. DSS stands for Data Security Standard. DSS is a set of guidelines developed by the PCI to prevent fraud, hacking and other security threats to the cardholder information that is processed, stored and transmitted by the PCI.

I think we all know someone who has had some sort of private information compromised. Preventing such data from being compromised is the purpose of these guidelines. Consumers need to know that this private data is handled properly and securely. Companies within the PCI must follow these guidelines or they could lose the ability to process credit, debit and ATM cards. There are 12 DSS guidelines. They are:

1. A firewall must be installed and maintained to protect cardholder data

2. Vendor-supplied default settings must not be used on systems

3. Stored cardholder data must be protected

4. Cardholder data sent over public networks must be encrypted

5. Anti-virus software must be used and updated on a regular basis

6. Secure systems and applications must be used

7. Access to cardholder data must be restricted on a need-to-know basis

8. Each person with access to this data must have a separate ID and password

9. Non-electronic (physical) access to this data must be restricted

10. Access to cardholder data must be monitored

11. Security processes and systems must be tested on a regular basis

12. An information security policy must be developed and maintained

For FREE PCI DSS compliance scans, visit A2 Hosting for more information.
