Ensuring third party providers are PCI DSS compliant

third party pci dss compliant

Back in March we discussed how the use of purpose built payment terminals can minimize your data breach exposure by isolating sensitive cardholder data to systems that have very small attack surfaces which hackers are unlikely to penetrate. While diligently maintaining the data security posture of your own internal IT infrastructure continues to be of paramount importance, section 12.8 of the Payment Card Industry Data Security Standards (PCI DSS) version 3.1 specifically mandates that merchants must take steps to monitor the PCI DSS compliance of all third party service providers with access to cardholder data.

Read more ...

Join Our Newsletter