Become PCI Compliant


It Is Cheaper To Be PCI Compliant Than To Not Be PCI Compliant

Monday, January 18th, 2010

According to a study conducted by Solidcore Systems, Emagined Security, and Fortrex, the cost of not being PCI Compliant could potentially exceed the cost of PCI Compliance by 20 times!

In James Barrow’s book on achieving PCI Compliance, he states that the research study showed that “not becoming compliant with the standard (Data Security Standard – or DSS) could lead to additional costs posed by a data breach.”

For one, the SSC (Security Standards Council) can elevate your business to Level 1 status following a breach or compromise. That means that you’ll have to do everything a Level 1 has to do despite the lower level of transactions that you process. Of course, the biggest expense with this option is the previously unnecessary requirement to hire a Qualified Security Assessor or pay someone inside your organization to conduct an Internal Audit if it is signed by an officer of the company.

Also, Barrow continues, “a breach may require further expenditures related to customer notifications and providing credit monitoring services.  Finally, there are the expenses that may result from litigation, as well as the unknown variable of the cost to the company in loss of customer confidence.”

So, you decide: you can scan your site daily for vulnerabilities against hackers and increase customer confidence by displaying Trust Guard seals. Or you can leave your site open to hackers and outside attacks and potentially face the swollen and costly revised requirements of the Payment Card Industry.

To put it in monetary terms, you can pay Trust Guard $497 a year for daily vulnerability scanning and PCI Compliant Reports, or pay almost $10,000 a year to repair the damage. Included in the yearly price of $497 (or $47 a month) is a Security Scanned trust seal to display on your website that is GUARANTEED to grow your business significantly.

With that knowledge, getting a daily PCI Compliant Vulnerability Scan and industry exclusive Video Security Seal from Trust Guard to show online consumers that your site is safe, and that you are a legitimate company that will protect their privacy, is one of the best returns on investment out there! Visit www.Go.Trust-Guard.com today!


Secure Your Site & Increase Sales With Trust Seals

Monday, December 28th, 2009

There are many trust seals on the market today. That’s because online consumers have never been so cautious about shopping online as they are now.

It makes sense to display Security Verification Seals, Privacy Verification Seals, and Business Verification Seals – because shoppers are concerned about all three areas of website identity. One company, Trust Guard, provides all three seals – plus an industry exclusive Video Security Seal.

It makes sense for us as website owners to remove all the fear, doubt, and suspicion that accompanies making a buying decision online. When there is no hesitation to do what we want our online visitors to do, our conversion rates will increase.

Online consumers worry about the security of our websites.  They ask: Is this website safe? Will I get a virus? Do they scan daily for vulnerabilities so that hackers won’t get in and steal my personal information?

They worry about the privacy of our websites. They ask: If I give them my email address, will I wake up tomorrow with 50 emails from companies I’ve never heard of?

They worry about our integrity as business owners. They ask: Is this a trustworthy business? If there is an issue with my purchase, will I be able to contact someone?

There are several ways that trust seals give consumers the peace of mind they need to trust us as website owners. They can see on the seals the date of the last time that our websites were verified.  Also included on the trust seals are the names of our websites – customized exclusively for each particular company.

They can click on the seals and view the certificates that the trust seal company provides that show when our websites have been verified. The certificates will also show that the websites have passed the daily vulnerability scans – which everyone knows is the first line of defense in keeping our websites safe from hackers and outside attacks.

Online consumers can also view our phone, email, and physical address on the certificates, so that they know that they will be able to get a hold of us should the need arise. The trust seal company also provides their information, so that if for some reason we as website owners do not resolve a disagreement with a customer in a timely fashion, they can help.

It’s really pretty simple. When we as website owners increase the amount of traffic that trusts us, more people will do what we want them to do. One of the most productive ways to achieve high levels of trust with online consumers is to display Trust Guard trust seals on our websites.

What It Means To Be PCI Compliant

Tuesday, November 24th, 2009

I was asked the other day if getting a PCI Compliant Website Security Scan from Trust Guard was all I needed to do to achieve PCI Compliance. The answer is no – heck no! There are several aspects of PCI Compliance that the Security Standards Council has created through their Data Security Standard. Vulnerability Scanning from Trust Guard is just one area of compliance as outlined by the payment card industry. To see other areas of need, you can look at this chart, or this page on passwords, or here for a PCI Compliance Table. You can also read the book: Achieving PCI Compliance: A Guide For Understanding And Complying With Data Security Standard For Merchant Levels 2, 3, and 4.

Hey, Mr. Gullible, Stop Sharing Your Password!

Tuesday, October 6th, 2009


In our never-ending attempt to keep our offline businesses and online websites free of inside and outside attacks, we must never lose sight of the benefits associated with effective passwords.

Sure, anti-viruses protect computers before they go online, and once online, SSL certificates serve their purpose.  Security scanning and verification services such as Trust Guard not only keep hackers away, but also let online consumers know that sites that display trust seals are safe.  However, effective passwords will protect most areas that online hackers and office troublemakers want to infiltrate.

Much of the “hacking” that is going on in the business world today is from people that work in the same office!  The all-too-common statement:  “Hey buddy, I need that file, what’s your password?” is penetrating the once-protected personal and professional documents of the gullible and trusting.

The Payment Card Industry (PCI) requires that website owners assign a unique ID to each person with computer access, then requests that they set a private password.  As with any computer action, knowing who is accountable is critical when it comes to handling credit card transactions.  And how can you know who is responsible if you’re sharing passwords?  For more on PCI compliance requirements and the PCI’s Data Security Standard (DSS), visit www.pci-compliance.us.

The act of sharing passwords has gotten more people in more legal and financial problems than any other business issue.  If an important file or folder is taken, using your password, how will you show that you didn’t take it?  If something is done wrong by someone else, like compromising a document, or transferring accounts comprised of financial or monetary data, and it is done with your password, it is extremely difficult to prove that you were not involved.

Keep your password safe.  Whether it is locked up in a physical or online safe, in a personal binder that never leaves you, or in your head, you should keep your password in an environment where others won’t be able to locate it.

In addition to making an individualized password and keeping it private, you should make it at least seven characters long. Shorter passwords are easy for passersby to steal. It should contain upper and lower case letters, numerals, and special characters. The more you mix up the password’s numbers, letters, and special characters, the better. One of the numbers or special characters should be in the second through sixth position (not first or last).

Change your password often – no matter how safe you think it is, and make it significantly different from prior passwords.  I had a boss once who told me that he had the same password every month, but only changed the last numbers of it to reflect which month it was. I think “tootrusting11” was the password he used for November!  I do not recommend using his system.

Do not use a common name or a common word as a password, and refrain from using your own name or username.  Spouse, children, and pet names are also ineffective.  Thousands of documents have been stolen or compromised by passwords like “password”, “business”, and “Ultimate Frisbee”.  Wrongdoers have guessed passwords including the company’s name or industry – and surprisingly, their guess was right.
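The composition and rotation rules above, expressed as a checker. This is an added example, not part of the original article; the function name, its parameters and the small denylist are assumptions made for illustration.

```python
import re
import string

# Constructed sample denylist; the entries are the article's own examples.
COMMON = {"password", "business", "ultimate frisbee"}


def _stem(pw):
    """Lowercase and drop trailing digits, so 'tootrusting11' -> 'tootrusting'."""
    return re.sub(r"\d+$", "", pw.lower())


def check_password(pw, username="", company="", previous=()):
    """Return a list of rule violations; an empty list means the password passes."""
    problems = []
    if len(pw) < 7:
        problems.append("shorter than seven characters")
    classes = {
        "upper case letter": any(c.isupper() for c in pw),
        "lower case letter": any(c.islower() for c in pw),
        "numeral": any(c.isdigit() for c in pw),
        "special character": any(c in string.punctuation for c in pw),
    }
    problems += [f"no {name}" for name, ok in classes.items() if not ok]
    # Positions two through six (1-based) are indices 1..5.
    if not any(c.isdigit() or c in string.punctuation for c in pw[1:6]):
        problems.append("no numeral or special character in positions 2-6")
    lowered = pw.lower()
    if lowered in COMMON or _stem(pw) in COMMON:
        problems.append("common word")
    # Own name, username, and company name are all easy guesses.
    for label, value in (("username", username), ("company name", company)):
        if value and value.lower() in lowered:
            problems.append(f"contains {label}")
    # Catches the "same password, new month number" rotation habit.
    if any(_stem(pw) == _stem(old) for old in previous):
        problems.append("only trailing digits differ from a prior password")
    return problems


if __name__ == "__main__":
    for line in check_password("tootrusting11", previous=["tootrusting10"]):
        print(line)
```

Run against the boss's November password with October's as history, it reports four separate violations, including the month-number rotation.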

In short, along with keeping your website’s SSL active and performing PCI scans through Trust Guard, you should create unique passwords, change them often, and keep them private.  Stop being Mr. Gullible.


We Speak English, Spanish, and PCI Compliance!

Tuesday, October 6th, 2009

We Speak PCI Compliance

We All Need To Be PCI Compliant

Wednesday, September 23rd, 2009

Well Howdy!

My name is Harold, but you can call me Harold the Hacked. Why not, everyone else does! You have probably heard how my site got hacked into. And that now I listen to everything The PCI Compliance Guy tells me to do! What a pain in the you-know-where it was to have to direct my traffic back to my original site after a hacker had redirected it to Mongolia of all places!

The PCI Compliance Guy told me to get Trust Guard’s Security Scanned Seals to check for over 30,000 vulnerabilities that hackers could use to get into my system. I did it!

Not only do I feel safe now, but my clients feel safe too!  Trust Guard’s trust seals let online consumers know that a third party has verified my site and found everything in order.  Because my visitors feel safe, more of them are using my services!  I’ve got a clean site and a thriving business – all thanks to Trust Guard and The PCI Compliance Guy!

My First Conversation with Harold

Wednesday, September 23rd, 2009

Good Morning!

Today I spoke with Harold. You might not have heard of him yet.  He is only one in thousands upon thousands whose website was hacked into.

We just became the best of friends because I set him up with PCI scanning with Trust Guard.  When visitors see his seals, more of them will become his clients!

I recommend that you do what Harold is doing and learn as much as you can about PCI Compliance – whether or not you process credit cards on your site!

Read: Achieving PCI Compliance

Friday, September 11th, 2009

My friend at work is letting me borrow his book Achieving PCI Compliance: A guide for understanding and complying with data security standard for merchant levels 2, 3, and 4 by James M Barrow. Sure, it’s essential that websites get scanned at least quarterly and after changes are made, but there is so much more to being compliant. If you get the chance, get this book!

What Visa says about PCI Compliance

Thursday, September 3rd, 2009

I found this great article from Visa about the PCI Compliance Acceleration Program. According to the article, the validation for merchant compliance is prioritized based on the volume of transactions, the potential risks, and the exposure introduced into the payment system.

Visa – PCI Compliance Acceleration Program