PCI compliance is important for your business because it is the standard by which companies that process charge card payments must legally adhere to – even if it only processes ONE charge card payment per year.
However, if you DO NOT process even one charge card payment, the PCI standards are excellent standards by which to protect the data and information on your network.
Consider These Points – Even If You Don’t Process Charge Cards
- Legally – YES, you can be sued if someone breaches your network and steals confidential information, even if it is not credit card based.
- Liability – YES, you can be sued for whatever damages your breach causes to other companies, organizations, or people.
- Your company – YES, stolen data can mean lost intellectual property, patents, bank passwords, bank account numbers, etc.
- Your company security – YES, a breach can result in stolen passwords and stolen access codes.
- Network security – YES, breaching your network could also allow the hacker to breach any customer or organization that you have remote access to.
- Continuing problems – YES, the hacker can also plant spyware on computers throughout your network and also install a “back door” to quietly come back in again.
Many network security experts know that a breach can result in many damaging actions, even if the network is thoroughly protected. Once a breach is achieved, the attacker can roam at will and find bits of information to eventually allow him/her to access the entire network.
If the breach is done quietly, the hacker can come back many, many times until the damage is done.
For the sake of an analogy, by law a bank must have a safe – but that does not mean that if you are not a bank you don’t need a safe.
KEEP YOUR COMPUTERS SECURE. Once someone breaches your computer, you cannot get that information back. At minimum, adhere to the PCI standards – even if you don’t process charge cards.
Brought to you by:
George M. Baldonado
President & CEO, Oasis Technology, Inc.