The small business quick guide to PCI Compliance | Sage Pay


Whether you are a small business with a few transactions or a large business with many, PCI compliance is essential.

Since 2005, 510 million records containing sensitive credit card information have been leaked. This astounding number has led to the implementation of the Payment Card Industry Data Security Standard (PCI), which enforces set and secure procedures for storing and/or processing credit card details.

The very basics of PCI Compliance:

  1. Take control of the usage of the credit card data. The more people handling the card details, the greater the costs and scope of the compliance program. Keep things simple and restrict usage of the data to specific people in your business.
  2. Secure your own systems and do not store any sensitive cardholder data on computers or on paper. Use firewalls and make sure your wireless router is password protected with encryption.
  3. Knowledge is power and your employees should all be aware of the systems and practices in place.
  4. Keep your passwords on their toes! Change all passwords often, and ensure that you do not use vendor-supplied defaults for system passwords.
  5. Regularly test your security systems and practices.
  6. PCI is an ongoing 3-step process. Assess. Scrutinise. Report.
  7. If you are using a third party payments system, make sure that they are also PCI compliant. Rest assured, Sage Pay is Level 1 PCI Compliant on all credit card processing.

Didn’t know that Sage Pay does credit card transactions? Visit our site for more information.