PCI Compliance Support in Tucson

Worried about PCI Compliance?

Have you been notified by your bank or credit card processor that you have to make your business PCI compliant?

Do you need to improve cardholder information security?

If you are confused about what PCI compliance means - and how a small business like yours can become PCI compliant - you are not alone.

Who needs to be PCI Compliant?

Businesses of all sizes are now required to certify that they meet PCI compliance standards to improve cardholder information security.  



A PCI Data Breach Can Put You Out of Business

If you suffer a PCI data breach:

You May Not Be Able to Process Credit Cards

Banks (often called acquirers in the PCI industry) point out that they may pull the credit card processing abilities of businesses that are unable to certify that they meet PCI security standards.

You May Lose Customers

Trust is the very basis of most businesses.  A cardholder information security breach will lead to loss of trust.

Can you afford to lose customers who no longer trust you?


We Can Help You Make Your Business PCI Compliant

We take the jargon out of PCI compliance and help you understand PCI compliance requirements.

We can help you determine the level of PCI compliance your bank is expecting for a business of your size.

We can help you identify ways to segment your data collection so that fewer of your systems and PCs need to be part of your compliance assessments.

We can set up a secure network,  develop controls for internet access points, or create a cardholder information security policy to meet PCI requirements.

FAQs about PCI Compliance

What is PCI Compliance? Is that the same as PCI DSS Compliance?

PCI stands for Payment Card Industry - the folks who control the major payment cards like Visa, MasterCard, Discover Card, and American Express.  These providers have joined together to develop a PCI Data Security Standard or DSS.  They have published PCI DSS requirements for PCI DSS certification.

Depending on the level of your particular business, you may be required to build and maintain a network that improves cardholder information security, control access to the data you collect from cardholders, test your system regularly and update your information security policy on a regular basis.

I already have up to date SSL certificates. Is that good enough?

SSL certificates are a great start, but if you are collecting or storing any sensitive credit card data, you will need more protection.

My business is really small. Do I have to be PCI compliant?

Unfortunately, yes.  Small businesses and home based businesses are especially vulnerable to attack.  

That means the real question is "Can I afford to lose customers who don't come back after a security breach impacts their credit card?"

Why bother with PCI Compliance?

Data loss is expensive.  

An IBM study suggests that a record breach can cost your company an average of $158 per record breached and the total cost to a company suffering a record breach averages $4 million.

Lack of compliance can result in fines and legal actions

Banks and credit card companies may impose fines or bring civil suits against businesses that fail to comply with the terms of their merchant/bank agreement.  If you do not certify your company, you may not be allowed to use credit cards to take payments.

A cardholder information security breach can involve you in expensive and potentially damaging litigation. 

PCI compliance can help protect your business from data breach.

About PCI Compliance

Meeting PCI Requirements is like getting an insurance plan for your business

Consider PCI compliance an insurance plan for your business - insurance that pays off handsomely if it keeps you safer from credit card hackers out to steal your stored data.

What is PCI Data?

Data included in PCI compliance includes all Sensitive Data - the information encoded on a credit card.  This kind of data should never be stored.

Data also can be the cardholder information businesses often gather and store - including all personal information visible on a credit card.  This includes the account number, name of cardholder, PIN or service code, and expiration date.

What Data Do I Need To Protect to Meet PCI Security Requirements?

To meet bank card cardholder information security requirements and credit card security standards, you will need to protect:

card readers

point of sale systems

hard copy or paper files

databases where you store or transmit payment system information

shopping carts

applications for payment

wired and wireless networks


Get help now with computer services for PCI compliance in Marana, Oro Valley or Tucson.


Continental Computer Services provides PCI compliance support in Tucson, PCI compliance support in Marana, and PCI compliance support in Oro Valley.



How Do I Get Started with Credit Card Compliance?

  1. Determine what "level" of compliance your business is required to meet for each of the cards you accept. The level can vary from card to card, so check each one carefully.  If in doubt, ask your credit card bank.
  2. Determine which self-assessment questionnaire is appropriate for your type of business and complete that PCI self-assessment questionnaire.
  3. If you have areas where your business falls short of full PCI compliance, give us a call.  We can help bring your business up to standard card industry requirements.

We Can Help You Be Compliant

Continental Computer Services Can Help Your Business Become PCI Compliant

Meeting PCI standards can be a confusing and time-consuming task, especially if you don't have an in-house IT expert.  Basically, meeting standards requires that you assess your business practices, identify and handle any PCI remedies required to fix your systems, and report at least annually to your cardholder bank.

Our PCI compliance services team can help.  PCI services will help you identify, document and fix any needed PCI remedies so that you can demonstrate a PCI compliant environment.

  • You will want to have a managed PCI compliant firewall, SSL certificates and a secure email gateway.  We can install those for you.
  • You will need to verify that you have a PCI compliant router and PCI compliant server and that your wireless networks are separate from the cardholder data environment.  We can inspect your networks and segment as needed.
  • You will need to verify that you maintain a hardware inventory.  Our PCI services team can create a hardware inventory for your staff to use - and update annually if you like.
  • You will need to verify that you have control over your wireless devices.  We can scan for rogue wireless access points, identify unauthorized wireless devices, and help you identify any threats to the physical security of your wireless networks.  We can change default settings, provide intrusion detection and set up wireless encryption.
  • You will need to have policies in place to handle PCI compliance issues.  Our PCI services team can help you create PCI compliance policies tailored to your organization.

Contact Us for Help with PCI

Want more information about how your business can meet PCI Compliance requirements? Drop us a line!

Better yet, see us in person!

We love our customers, so feel free to visit during normal business hours.

Continental Computer Services

1016 W Saint Marys Rd, Tucson, Arizona 85745, United States

(520) 405-9568

Hours

Monday - Friday: 8am - 5pm

Saturday: By appointment

Sunday: By appointment