Maintain an Information Security Policy
The last of the six PCI DSS (Payment Card Industry Data Security Standard) control objectives contains only one requirement, Requirement 12: Maintain an Information Security Policy.
Companies should have a strong security policy in place that all employees sign and abide by. Employees should understand the sensitivity of cardholder data and what their responsibilities are in protecting it. The policy should be followed stringently. New employees should be made aware of the security policy and required to sign an acknowledgement that they understand their duties and responsibilities.
The policy should formally assign information security responsibilities to a team or individual, who ensures the policy is disseminated to all personnel.
The policy should also address what happens when a compromise occurs: an incident response plan that identifies who is to be called, no matter the time of day. The plan should include business continuity procedures, data backup processes, roles and responsibilities, and a contact strategy (for example, notifying the credit card associations, also called the payment brands).
You should also review the PCI DSS Requirements and Security Assessment Procedures document for the complete requirement; it goes into detail on what your information security policy must contain.