To continue our celebration of National Cyber Security Awareness Month, we’re diving into another one of the security services we offer our customers: Scanning for PCI Compliance. According to a Pew Internet study, 50% of Internet users worry about their personal information exposed online, and a full 11% have had important information (such as their social security, credit card, or bank account numbers) stolen online.
One way to protect your customers’ sensitive data is through PCI Compliance, our fully managed scanning service that verifies your compliance with the Payment Card Industry Data Security Standard (PCI DSS) Council. See our Knowledge Base for more explicit information on how to ensure your electronic payments are PCI DSS compliant.
Websites that request and store sensitive information from their customers are required to take precautions to protect that data and follow the PCI DSS set of standards for infrastructure and server configuration. Liquid Web’s Heroic Support team can help you design and customize your hosting environment to meet some of the 12 requirements for compliance.
Many of the requirements are wholly the customer’s responsibility (assigning unique ID’s to each person with computer access, for instance), however, Liquid Web can help the customer with a few of them, such as installing a firewall and providing an SSL Certificate.
Liquid Web is able to assist the customer in completing the rest of the requirements, including suggesting strong password policies and anti-virus software. The full list of PCI DSS requirements can be found in our Knowledge Base. The required Self-Assessment Questionnaire (SAQ) will help you to ensure that all of the above requirements have been met. You must also complete an Attestation of Compliance. More information on the SAQ and Attestation of Compliance forms can be found in our Knowledge Base.
Liquid Web cannot complete these documents for you, but we will assist in any way we are able. In addition, because PCI compliance is an on-going process, our PCI Compliance scans are performed regularly to ensure that the services are kept up to date and any new security vulnerabilities are resolved immediately. It is recommended that Liquid Web customers consult with a certified Auditor in order to ensure your application will be compliant.
The importance of PCI Compliance cannot be understated, especially with a growing number of consumers raising concerns about the safety of their data online. If your website stores, processes or transmits any sensitive customer data, protecting it from security vulnerabilities is of the utmost importance. With this in mind, Liquid Web’s security team is prepared to help your business become compliant with all of the PCI security standards.