Posted on Dec 29, 2016 |
The Payment Card Industry’s Data Security Standard (PCI DSS) was created to increase controls over cardholder data and reduce fraud. It applies to every organization around the world that processes credit or debit card information. Unfortunately, it’s not always clear to businesses which steps need to be implemented to ensure PCI compliance. Using the right software solutions can take a lot of the work out of your hands.
It’s essential to factor protection for your file transfers into your security and compliance plan. If you possess customer cardholder data, an unsecure transfer method leaves that data especially vulnerable to interception and theft. The most common file transfer pitfall is relying on inadequate methods such as free FTP tools, file sharing apps, and email attachments. Ideally, your file transfer solution will go beyond protecting your data with encryption and secure protocols and also help you to provide the information that an auditor needs through detailed reports and role-based access.
The penalties for failing a PCI audit are severe and will likely negate the savings of your “inexpensive” transfer method. Of course, complying with PCI DSS is not just about avoiding fines. PCI compliance should be seen as a set of core principles that will help you avoid a costly breach of your data—and having to tell your customers that you’ve allowed their credit card data to be stolen.
PCI DSS compliance is based on twelve main requirements. We’ve put together a guide that demonstrates how GoAnywhere Managed File Transfer addresses several of them. For example, GoAnywhere protects your files at rest (PCI Requirement 2) using strong encryption methods like AES and OpenPGP. Its role-based accounts allow you to restrict access to cardholder data by business need-to-know (PCI Requirement 7).
Instantly download the guide to see how GoAnywhere helps to make PCI compliance easy.