We help organizations achieve and stay compliant with PCI standards

The main purpose of PCI compliance is to standardize how merchants accept, store and transmit customer's financial data.

PCI is composed of comprehensive guidelines that range from firewall use to enacting and maintaining information security policy.

If your organization accepts credit card or debit card transactions, you must comply with PCI.

Who Needs to Be PCI-compliant?

To break down PCI compliance a bit further, here’s a list explaining who needs to follow different guidelines:

Merchants

Any organization that accepts one or more of the five major credit cards that formed the PCI DSS council

Merchant service providers

Businesses that transmit, process, or store credit card information for other merchants

Payment application

Devices or online shopping carts that transmit, processes, or store credit cards information like credit card readers, e-commerce carts, or point-of-sale systems

Payment gateway

The middleman for merchants and banks; these companies transmit data between a business running a credit card with a bank that either approves or denies a request for payment

Payment processor

These all-in-one businesses typically provide the merchant account, payment application, and payment gateway for merchants

12 PCI Requirements

No matter where you stand in your PCI compliance journey, you will need a reference to help you stay
organized and have laser-focused compliance efforts.

  • Protect your network or system with firewalls
  • Implement strict passwords and security policies
  • Safeguard stored cardholder data
  • Encrypt all transmission data across open and public networks
  • Regularly update anti-virus software and firewall firmware
  • Update and patch systems
  • Restrict access to cardholder data to a minimum
  • Assign unique computer account IDs to all staff
  • Restrict physical access to cardholder data in the workplace
  • Implement logging and log management
  • Conduct vulnerability scans and penetration tests
  • Documentation and risk assessments

Following best-practice guidelines, E-N Computers assessments are conducted by a team of experts with 10+ years of in-depth experience in market and compliance requirements. Our team will lead you through the PCI journey from initial review to full alignment with the standard in the most efficient and least disruptive way possible. This ensures your organization maintains business-as-usual while implementing PCI compliance measures.

Call our Compliance team today!