Close this search box.

Keep Your Shoppers Safe With These 4 Non-Technical PCI-DSS Tasks

Employee working on laptop with marketing designs loaded on screen.

I have a hunch: as a merchant, keeping your shoppers secure is of utmost importance to you. But PCI-DSS requirements can be overly technical, confusing, or simply not applicable to your situation.

When holiday shopping season rolls around, you might feel as though you’re simply hoping for the best.

Here are 4 practices to turn your best intentions into actions. The best part? They aren’t super technical.

1. Read over your last completed PCI-DSS self-assessment.

Since this step may  have a more technical side to it (depending on your PCI-DSS level), we’re putting it first so you can get it out of the way.

The main goal in reviewing your most recent self-assessment is to uncover any tasks you put on your to-do list…and subsequently forgot about. Self-assessments have the downside of requiring self-enforcement; tasks can fall through the cracks when you’re focused on running your company.

Beyond that, a review of your questionnaire can help boost your confidence in your company’s payment card security practices.

If you need help completing or reviewing a self-assessment, contact us. We perform security evaluations and offer PCI-DSS compliance services.

2. Give your customers an email address and phone number where they can report phishing attempts.

Even if you’re a small fish in a big pond, don’t assume hackers haven’t noticed you. Hackers are increasingly targeting smaller businesses with the (good) assumption that their security resources are slim to none.

Cyber criminals have likely been planning holiday phishing attacks since New Year’s Day, 2017, attacks which use inside information from hundreds of small to mid-size businesses, including employee names, URL spoofs, and logos.

Let your customers know how they can alert you of any suspicious activity in your name, and keep a vigilant eye on your inbox.

3. Monitor vendor alerts and feeds.

In addition to keeping the lines open with your customers, keep an ear out for alerts (email, social media, and/or phone) from your Card Scanner and Point of Sale vendors. For most of you, the bulk of the PCI-DSS requirements fall squarely on their shoulders. And as we know, no company is immune to a breach.

Monitoring your vendors’ newsfeeds will help you respond immediately if a breach occurs. Similarly, keeping their security contact information on hand allows you to immediately inform them of any suspicious activity you notice.

4. Educate your customers

Share credit card safety tips (like the ones in this article) online via your social media profiles and/or post them in your place of business.

Enjoy the rush of the holiday shopping season—in safety.

Corsica Technologies
Corsica provides personalized service and a virtual CIO (vCIO) who serves as a strategic advisor. When it comes to the complex integration of solutions for IT and cybersecurity, the whole is greater than the sum of its parts. We offer cybersecurity solutions, managed services, digital transformation, resale services, and one-off technology projects. Corsica unifies any combination of these services into a complete, seamless solution.

Related Reads

EDI Transactions and Document Types - Corsica Technologies

EDI Transactions: What It Takes To Win

EDI transactions are the lifeblood of processes like order placement, shipping, receiving, claims processing, and more. Across numerous industries, these transactions keep things moving in a way that no other technology can. In fact, you could say EDI solutions make

Read more
EDI 856 - Advance shipment notice - Corsica Technologies

EDI 856: Getting Your Advance Shipment Notices Right

Shipping and logistics get complicated when you have sensitive products and limited warehouse space. How do you ensure the warehouse is ready to receive a shipment—and ready to handle time-sensitive products appropriately? An EDI 856 document solves this problem. This

Read more
Cloud Data Integratoin: Power vs. ease of support - Corsica Technologies

Cloud Data Integration: Power vs Ease Of Support

It’s essential for cloud systems to talk to each other. If they don’t, data can become siloed, without widespread availability across the organization. But cloud systems introduce their own complexities that are different from on-premises systems. How do you choose

Read more

Sign Up For Our Newsletter

Stay up-to-date on the Managed Services and Cybersecurity landscape, and be the first to find out about events and special offers.