category:

PCI DSS

Article

Why Merchants Should Complete Their Own PCI SAQs

Who is responsible for completing SAQs? Does the PCI Team need to go through for each and every MID, and complete a separate form? After all, the PCI Team members are the ones that know what the questions are actually asking, right?

PCI DSS
Read More about the Why Merchants Should Complete Their Own PCI SAQs
Article

Call Centers: A PCI Perspective

Call centers that handle payment card information have a responsibility to protect their customers from data compromise and fraud. Some university call centers will fall into your institution's PCI DSS scope and thus will need to be compliant.

PCI DSS
Read More about the Call Centers: A PCI Perspective
Article

Data Breach Notification Laws: Use Them to Your Advantage

In your next budget presentation, it may be helpful to include some of the legal consequences that you can face if appropriate security controls aren’t put in place.

Compliance
Read More about the Data Breach Notification Laws: Use Them to Your Advantage
Article

Standardizing Payment Processes on Campus - What it means and how to do it

With multiple merchants, solutions, and devices spread across multiple locations, each can implement a payment process that best fit their needs or is the most affordable. Without specific guidance and proper follow up, it is very unlikely that you will have any consistency.

Payments & Treasury Solutions
Read More about the Standardizing Payment Processes on Campus - What it means and how to do it
Article

PCI Roadblocks: Your Problem Child Merchants

Your organization is only as compliant as your least compliant merchant, so just one “No” on a merchant SAQ can place the entire organization on the non-compliant list.

PCI DSS
Read More about the PCI Roadblocks: Your Problem Child Merchants
Article

PCI Requirement 9.9 - Protecting PoS Devices from Skimming

What can your organization do to prevent skimming? The PCI DSS outlines very specific procedures for protecting against these attacks in Requirement 9.9. When constructing your organization’s program, the following steps must be included:

PCI DSS
Read More about the PCI Requirement 9.9 - Protecting PoS Devices from Skimming
Article

Frequently Asked Questions Regarding SAQs

It is not uncommon to feel a little uncertain about the answers you are providing when completing an SAQ. Here are some of the more common questions we see from merchants during the annual SAQ completion process.

PCI DSS
Read More about the Frequently Asked Questions Regarding SAQs
Article

Jumpstart Your PCI with a Strong Partnership

Although PCI compliance is a year-round task, many organizations target the beginning of the year as the time to complete annual requirements like risk assessments, penetration testing, staff awareness training, documentation review, third-party contract reviews, and incident response plan testing.

PCI DSS
Read More about the Jumpstart Your PCI with a Strong Partnership
Article

The Five Most Common Findings in a QSA PCI Compliance Assessment (and one that might surprise you!)

While each institution is different in the way they process payment information across various departments and areas, many of the same challenges to achieving PCI compliance exist in every organization.

PCI DSS
Read More about the The Five Most Common Findings in a QSA PCI Compliance Assessment (and one that might surprise you!)