Restaurant Ripoff: Could Your Business Be At Risk?

What merchants need to do regarding PCI compliance:

To comply with Requirement 9, merchants must make sure unauthorized people (including unauthorized staff) can’t get their hands on anything sensitive, including POS equipment, computers, paper records, electronic files and so on. The associated tasks can be broken down into the following five general categories:

1. Make sure all paper and electronic media that contain cardholder data are physically secure (using obvious solutions like burglar alarms and locks on doors, offices, and/or filing cabinets, as appropriate).

2. Restrict access to protected areas: keep customers and potential attackers out of such areas. And make sure you can always tell the difference between customers, potential attackers and staff authorized to access protected areas.

3. Make sure you control how media (paper, CDs, thumb-drives, et cetera) are used. This is more complicated than it sounds and includes the following:

   * Knowing precisely which media have sensitive cardholder data on them (if you don’t have a careful classification and tracking system in place, you have to protect all media as if it were sensitive all the time)
   * Distributing sensitive media and information only to people (inside the company and outside) who absolutely need them and have a right to them, and making sure the distribution system is secure (no sending it through the mail or via e-mail without encryption)
   * Controlling who can take such media out of secured areas