Is Your Business Prepared for a PCI Compliance Audit?

Audits. The very word probably makes you shudder. No one likes it when the auditors come knocking at their door – you just know they’re going to ding you for something. But that only happens if you don’t take a moment to breathe and do a simple preparedness check ahead of time.

Is your business prepared for a PCI compliance audit?

If you accept credit cards, you must be compliant with the Payment Card Industry (PCI) data security standard. That extends not only to you and your employees, but to any other companies or individuals with access to your IT systems. If someone can access your data, they’re obligated to meet PCI compliance too.

First of all, you need to retain an audit-trail history for a time period that fits with your use and legal regulations. That’s different from business to business – you need to find out how long you need to maintain your records! The main thing that affects what you’re required to do for an audit is your PCI level:

  • Level 4 – Fewer than 20,000 transactions per year
  • Level 3 – 20,000 to 1 million transactions per year
  • Level 2 – 1 to 6 million transactions per year
  • Level 1 – Over 6 million transactions per year

Additionally, you need to be able to prove that you have the right IT security processes in place to maintain confidentiality and security for all your transactions. Are you using the right firewalls to protect your networks? Do you have encryption on any emails that might involve payment card information? Are all your systems properly secured against unauthorized access of data?

These are vital questions you need to answer before the auditors come knocking. If it turns out you’re non-compliant, banks and credit card institutions can impose fines ranging up to $500,000!

So how do you ensure you’re prepared for a PCI compliance audit? It’s simple: DO ONE YOURSELF. If you run your own audit before a mandated one comes along, you’ll discover any vulnerabilities or missteps while there’s still time to fix them.

The team at OffSite IT is here to help. We’re the experts in PCI compliance for Chicago, IL and Southern California businesses. We provide a full PCI compliance service:

  • A risk assessment to improve your data security.
  • Advice for staff training on security awareness, so your employees have the information and skills they need to meet the latest PCI standards and regulations.
  • Notifications about potential vulnerabilities, ranked by seriousness, so you can address the most important first.

Protect your customers, protect your employees, and protect your livelihood – contact OffSite IT at (866) 828-6674 or info@offsiteIT.com to ensure your Chicago, IL and Southern California business is prepared for a PCI compliance audit.

Alexssa
