Are you a small business that has limited card payment transaction volume? Are you wondering if you have to follow the PCI Security Standard? The answer is a resounding “yes”. The PCI Security Standard is a complex set of standards that include requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. As I have mentioned many times before, the PCI security standard is intended to help businesses proactively protect the private account information of their customers. Ultimately isn’t this what you want? By protecting your customer’s information, you are building customer trust which is the most important thing about online business.

The PCI security standard consists of 12 main requirements that fall under six categories. These are:

Build and maintain a secure network

Protect cardholder data

Maintain a vulnerability management program

Implement strong access control measures

Regularly monitor and test networks

Maintain an information security policy

These standards are what help you, as a business owner, keep your customer’s information safe and secure.

The requirements are just a bit different depending on your merchant level, so finding out your merchant level is the perfect place to start. You may ask your self when the deadline for complying with the PCI security standard is? You might be surprised to know that for most merchants, these deadlines have already passed. But compliance is mandated by the payment card brands and not the PCI Security Standards Council (https://www.pcisecuritystandards.org), so you should check with your acquirer and/or merchant bank to check if any specific deadlines apply to you.

This information may seem somewhat redundant, and I realize that I have written a lot about it. But you should know that following the PCI security standard is super important, and will in return help you receive more business to your website.