My Merchant Account Blog

Maintain an Information Security Policy

Monday, December 08, 2008
The last core of the Payment Card Industry Data Security Standard (PCI DSS) has only one requirement:
  • Maintain an Information Security Policy
Companies should have a strong security policy in place that all employees sign and abide by. Employees should understand the sensitivity of the data and what their responsibilities are in protecting it. The security policy should be followed stringently. New employees should be made aware of the security policies and made to sign that they understand their duties and responsibilities.

The policy should assign a team or individual to security management to ensure policies are disseminated accordingly.

The policy should address what happens when a compromise occurs.  It should help to identify who should be called, no matter the time of day.  The plan should include continuity procedures, data backup processes, roles and responsibilities, and a contact strategy (for example, contacting the credit card associations).

You should also review the PCI DSS Requirements and Security Assessment Procedures for the complete requirement. It goes into complete detail on what your information security policy should contain.
