Helpful information about cloud computing, cyber security and more, all at a glance.
Do you know what level your business falls under to meet PCI compliance? While the 12 PCI compliant requirements are dictated by the PCI Security Standards Council (PCI SSC), compliance is enforced by the credit card issuer companies, including Visa, MasterCard, American Express, Discover and JCB International.
We’ve just launched our latest white paper on PCI Compliance!
This white paper is ideal for executives and IT decision-makers seeking a primer as well as up-to-date information regarding PCI compliance best practices and specific technology recommendations, including cloud-based PCI compliant hosting options.
These are the four levels of PCI compliance as mandated by the card issuers Visa and Mastercard, with definitions according to the volume of credit card transactions per year:
What do these levels of PCI compliance mean?
Companies that meet Level 1 must have yearly on-site reviews by an internal auditor and a required network scan by an approved scanning vendor. A full list of approved scanning vendors (ASV) and contact information is available online from the PCI Security Standards Council.
Any companies that meet PCI compliance Levels 2, 3 or 4 must complete the PCI DSS Self Assessment Questionnaire annually and undergo quarterly network security scans with an approved scanning vendor.
What happens if you breach a PCI compliance level requirement?
Visa makes your life a bit harder by reserving the right to change your level standards to a stricter level, regardless of the number of transactions processed per year. For example, if you are classified as meeting Level 4 compliance, you must now abide by Level 1 requirements.
Working with a PCI compliant hosting provider can help you understand where your company currently stands and how to meet PCI compliant level requirements.