• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Facebook
  • Instagram
  • LinkedIn
  • Twitter
  • YouTube
Big Ideas for Small Business logo

Barbara Weltman

Big Ideas for Small Business, Inc.

Whitepaper download

Subscribe and download our eBook, "150+ Tax Deductions for Small Business A to Z."

This field is hidden when viewing the form
Get the:

  • Home
  • About Us
  • Big Ideas For Your Business
    • Idea Of The Day ®
    • SMB Legal
    • SMB Taxes
    • SMB Financial
    • Small Business
    • Newsletter Archive
  • Services
  • Books
  • Blog
  • Multimedia
    • Videos
    • Radio Shows/Podcasts
  • Be a Guest Blogger

Payment Card Security Revisited

October 4, 2018 / By Barbara Weltman

Payment Card SecurityNearly half of all data breaches are aimed at small businesses and occur through the acceptance of credit cards. Last year we posted a blog on this topic and want to update it in light of the Verizon 2018 Payment Security Report (you have to give your name, email, and company in order to download it); here’s an executive summary of the report. Some of what follows is a repeat of the prior blog which, from the Verizon report, was not taken too seriously by many businesses.

Trends in payment security

The Payment Card Industry Data Security Standard (PCI DSS) helps businesses that offer card payment facilities protect their payment systems from breaches and theft of cardholder data. The Verizon report found that for the first time in 6 years, payment security compliance was down. In 2018, only half (49%) of organizations worldwide are leveraging PCI DSS compliance efforts to meet other security requirements.

Compliance protocols

All organizations, including payment service providers, merchant processors, online merchants, and face-to-face merchants, that store, process, or transmit payment card data are mandated by VISA, MasterCard, Discover, American Express, and other payment brands to comply with PCI DSS Standards. These are standards created by the PCI Security Standards Council, which was founded in 2006 by American Express, Discover, JCB International, MasterCard, and Visa.

There are 12 key requirements to being secure (some are technical while others are basic business practices):

Goals PCI DSS Requirements
Build and maintain a secure network and systems 1.      Install and maintain a firewall configuration to protect cardholder data

2.      Do not use vendor-supplied defaults for system passwords and other security parameters

Protect cardholder data 3.      Protect stored cardholder data

4.      Encrypt transmission of cardholder data across open, public networks

Maintain a vulnerability management program 5.      Protect all systems against malware and regularly update anti-virus software or programs

6.      Develop and maintain secure systems and applications

Implement strong access control measures 7.      Restrict access to cardholder data by business need to know

8.      Identify and authenticate access to system components

9.      Restrict physical access to cardholder data

Regularly monitor and test networks 10.  Track and monitor all access to network resources and cardholder data

11.  Regularly test security system and processes

Maintain and information security policy 12.  Maintain a policy that addresses information security for all personnel.

Source: PCI Security Council

How to become compliant

According to the Verizon report, only 40% measure their PCI compliance annually for compliance validation purposes. Less than a quarter (19%) measure and report their PCI DSS compliance monthly. If you are concerned about payment card security for your business, review your current security measures.

  • Understand the 9 factors of control effectiveness and sustainability. These factors were developed by Verizon to help meet the 12 key requirements discussed earlier:
    1. Control environment
    2. Control design
    3. Control risk
    4. Control robustness
    5. Control resilience
    6. Control lifecycle management
    7. Performance management
    8. Maturity measurement
    9. Self-assessment
  • Do a self-assessment of your cardholder data using PCI’s Self-Assessment Questionnaire.
  • Talk with your IT person. Hopefully, the person is versed in PCI DSS. If not, they should be able to refer you to someone who is. As an aside, my IT person told me that it’s easier for small businesses to be compliant because the tech stuff is easy to handle and the non-tech stuff (e.g., limiting personnel who can access computers) is better controlled in small companies.
  • Work with your credit card processor. Your bank or other credit card processor is your active partner on PSI DSS compliance, and should be an excellent resource to assist you in becoming and maintaining compliance.
  • Work with a national PCI DSS expert. Once this expert certifies that you’re compliant, the costs of dealing with a data breach will be far less than if you were noncompliant.

Conclusion

Consider carrying cyber liability coverage for protection, but be sure to check whether data breaches are explicitly covered. Learn about PSI DSS compliance with this helpful guide.

Tags credit card payments credit card processor credit card security payment card security payment security

Primary Sidebar

Categories

  • General Business (506)
  • Guest Blog (113)
  • Homepage (22)
  • Small Business (1,002)
  • SMB Financial (328)
  • SMB Legal (66)
  • SMB Taxes (326)

Barbara’s Recent Posts

  • 10 Ideas for Coping with Cash Flow Challenges June 26, 2025
  • 5 Insurance Traps to Avoid June 24, 2025
  • Creating a Feng Shui Office Layout for Your Business June 20, 2025
  • Scaling Your Business by Optimizing Social Media Marketing June 19, 2025
  • The Timeless Value of Business Cards in a Digital World June 18, 2025
  • What Does the Latest IRS Data Book Tell Us? June 17, 2025
  • Business Advice from Famous Dads June 12, 2025
  • How Important Is Higher Education for Small Business Owners June 11, 2025
  • Business Planning in a Period of Uncertainty June 10, 2025
  • 9 Smart Financial Decisions for Business Owners in Retirement June 6, 2025
  • Preview of Tax Changes this Year: Actions to Take Now June 5, 2025
  • Becoming Penniless: What Does this Mean for Your Business? June 3, 2025
Awarded Top 100 Small Business Blog medal (link will open in a new window or tab)
Marquis Who's Who 2023 Badge
Top Small Business Blogs (Link will open in a new window or tab.)
8 Financial blogs small business Owners Need to Read. Invoice home.  (link will open in a new window or tab)
Best Small Business Blog, Expertido.org
Top 50 Small Business Blogs 2018
Best Small Business Blogs
BizHumm Top 100 Business Blog Award to Barbara Weltman
FitsSmallBusiness.com: Award for Best Small Business Blog 2017 (link will open in a new window or tab)
FitsSmallBusiness.com: Award for Best Small Business Blog 2016 (link will open in a new window or tab)

Footer

Big Ideas for Small Business logo

Small business ideas, business tax news and small business consulting from Barbara Weltman to provide business owners with the information they need to succeed. Visit our small business blog, Idea of The Day®, small business books and articles on small business taxes, small business finance and small business legal advice.

Contact Us

[email protected]

(772) 492-9593

gacor maxwin situs slot thailand terpercaya situs slot gacor situs gacor akun pro thailand slot bandar togel terpercaya

Latest Tweets

bigideas4sb Big Ideas for Small Business® @bigideas4sb ·
June 27

How Important Is Higher Education for Small Business Owners - A college degree isn’t a guaranteed ticket to entrepreneurial success https://bit.ly/3HCsb6L #smallbusiness #entrepreneurs #highereducation #lifelonglearning #education

Reply on Twitter 1938726633533272352 Retweet on Twitter 1938726633533272352 Like on Twitter 1938726633533272352 Twitter 1938726633533272352
bigideas4sb Big Ideas for Small Business® @bigideas4sb ·
June 27

10 Perks Prime Members Can Snag Before Prime Day (2025) https://bit.ly/3FZuxMB

Reply on Twitter 1938690640897798399 Retweet on Twitter 1938690640897798399 Like on Twitter 1938690640897798399 Twitter 1938690640897798399
bigideas4sb Big Ideas for Small Business® @bigideas4sb ·
June 27

Let's Celebrate Small Business! #video
YouTube https://youtu.be/kaSnPu-DUzE?si=iE3SCGbfN0o5IrAG #smallbusiness #smallbiz #shoplocal

Reply on Twitter 1938669670304800798 Retweet on Twitter 1938669670304800798 Like on Twitter 1938669670304800798 Twitter 1938669670304800798
Load More

Copyright © 2008–2025 Big Ideas for Small Business, Inc  |  Designed by Hudson Fusion

  • Privacy Policy
  • Sitemap