BlackCSI Blog
BlackCSI Alerts Business Community About PCI Compliance
When accepting sensitive credit card information, businesses need to assess several risks. The first major risk is a disgruntled employee stealing a customer’s credit card and using that information for personal purchases. These types of infractions are usually caught quickly, especially with the proper monitoring technology in place, and customers can be reimbursed for fraudulent purchases. Unfortunately, the damage done to customer trust is often irreparable. Customers who experience a data breach with a merchant are extremely likely to avoid using that merchant ever again. In other words, lackluster security measures here could cost a company dearly, not only because of the up-front fines but also because of the negative word-of-mouth that usually follows an incident like this. To address this, businesses can follow the comprehensive list of steps laid out in the PCI DSS, which explains the measures a business can take to protect itself from this liability, including actions such as encryption and limited levels of access.
“Every single customer we work with is already doing their best to protect customer data; however, they are usually missing key elements that could get them in big trouble,” stated Ruthann Black, President of BlackCSI. “Oftentimes we see businesses take customer credit card information over the phone and then write it down, so that it can be added into the computer system at a later time. However, one big mistake we’ve been noticing is that businesses are storing customer credit card information for longer than 5 days, which is strictly prohibited by these regulations. This is a perfect example of how business owners with positive intentions end up paying big fines for being undereducated on these matters,” concluded Black.
The greatest risk facing business owners and credit card security is hackers. Because their methods are constantly evolving and hackers are always finding new ways to attack businesses, the standards for PCI compliance are always changing as well. “Businesses can go to the PCI Security Standards Council’s website to view a comprehensive list of best practices or, if they don’t want to have to comb through all the details, they can call a managed technology services provider, like BlackCSI for example, and they should be able to conduct a PCI network analysis and advise them on a few key areas to pay special attention to,” added Black. “If your managed services provider is unaware of PCI compliance, you may want to consider reevaluating your relationship with that provider.”
ABOUT BLACKCSI
BlackCSI is a provider of scalable technology solutions focused on delivering ROI for our clients. We have deep experience in delivering project-based services to organizations in the commercial, government, and non-profit sectors. BlackCSI follows simple guidelines with its clients: listen, learn, clarify, and reiterate. This methodology is crucial to its success and is the foundation that drives a successful partnership between consultants and clients.
Founded in 2002 by Ruthann Black, BlackCSI excels in assisting customers with our range of products and services including unified communications, managed services, communication and security integration, IT infrastructure design and support, IT hardware sales, help desk services, training development and delivery, project management, business and requirements analysis, system testing, and mobile solutions. As a Pennsylvania-certified Small Diverse Business (SDB), BlackCSI is dedicated to providing unsurpassed quality, uncommon honesty, and amazing customer satisfaction throughout every aspect of our product and services delivery.
For more information on BlackCSI, call (717) 620-3042 or contact us!