Guide to PCI Compliance

What Is It?

What is PCI Compliance?

Secure payment systems assure your customers that you can be trusted with their payment information.

PCI Compliance is a standard created by major credit institutions like American Express, Visa, Mastercard, and JCB. It is designed to protect consumers' financial information from cybercriminals.

Who should be PCI Compliant?

Vendors, Merchants, Service Providers

Anyone who provides goods or services to businesses or consumers and accepts payments via credit card.

The Principles

What does PCI Compliance consist of?

There are 12 data security requirements that every merchant is required to follow. While there are also over 200 sub-requirements, not all of them may apply to your business.

Twelve security requirements of PCI DSS Compliance

  • Install and maintain a firewall configuration to protect cardholder data
  • Do not use vendor-supplied defaults for system passwords and other security parameters
  • Protect stored cardholder data
  • Encrypt transmission of cardholder data across open, public networks
  • Use and regularly update anti-virus software or programs
  • Develop and maintain secure systems and applications
  • Restrict access to cardholder data by business need to know
  • Assign a unique ID to each person with computer access
  • Restrict physical access to cardholder data
  • Track and monitor all access to network resources and cardholder data
  • Regularly test security systems and processes
  • Maintain a policy that addresses information security for all personnel

A Real World Example

In 2013, Target was the subject of a consumer-focused hack that affected customers who shopped at U.S. Target stores between November 27 and December 15.

70 million customer names, credit or debit card numbers, expiration dates and CVVs were involved in the information theft.

Our Approach

Our 4-Step Approach to IT Compliance

1. Compliance Audit

Our team conducts a series of interviews and a network audit to determine data access and usage.

2. Gap Analysis

A gap analysis identifies the missing pieces necessary to achieve compliance.

3. Remediation Plan

A remediation plan is put forth and executed, with action steps toward compliance ordered by priority level.

4. Management

ITonDemand then monitors system usage and provides the service and support to maintain compliance.

Compliance In Action

Florida Manufacturing Firm

A small north Florida firm manufactures CNC close-tolerance machined parts, custom components, and assemblies for the defense sector. Given the sensitive nature of the parts being manufactured, it was vital that communications and manufacturing specifications were secure while organizational infrastructure was put in place and maintained to NIST Compliance.

Nationwide Coverage

Nationwide Coverage + Local Service

ITonDemand delivers nationwide IT services through a network of support centers and offers 24×7 remote assistance.

Trusted By Organizations Across The Country

Allstate, Altrua Global Solutions, Church of the Redeemer, Coastal Resources, DDA Ann Arbor, Del Zotto Products, Deleon Appraisals, Fogelman, Indratech, Lynden School District, N Street Village, Ocala Metro CEP, SecurTrust, Society of American Military Engineers, Sunshine Air Conditioning, The Federalist Society, United Way of Marion County, Westfields Golf Club, Andgar Corporation.

Need More From Your IT Services Provider?

ITonDemand is a division of eResources: your expert partner in digital transformation and growth, providing IT services, software development, marketing and branding. Learn more about the benefits of a vertically-integrated IT services partner.