Ycfundingprovides financing loans, Direct Funding, Real Estate Loans, Transactional Funding and Pre-Settlement Funding. YC Funding is an active lender in major markets across the country. ...read more
By YC Funding August 04, 2015
PCI Compliance-PCI-DSS-PCI Security-PCI Fees Detroit Michigan PCI DSS and Handling SensitiveCardholder Data—Why You CareThe cost of Payment Card Industry Data Security Standard (PCI DSS) compliance is vastly underestimated—but maybe not as understated as the tangible and intangible costs of a data breach. Every merchant that accepts payment cards has a cardholder data environment (known as CDE, or the computer systems and applications that use or store sensitive card data) that comes under the purview of the PCI DSS. It's possible to limit—and even shrink—the scope of the CDE in order to reduce or minimize the merchant's PCI burden.Merchants that accept debit, credit and prepaid cards are acutely aware of an additional burden placed on their businesses starting in 2006. This is the year that the Payment Card Industry Security Standards Council (PCI SSC) began publishing stringent, resource-intensive requirements concerning the security of handling and storing sensitive cardholder data. Since then, merchants have collectively spent in excess of $1 billion on compliance with the PCI DSS as part of their security programs.1 PCI DSS compliance includes a long list of requirements and is a significant responsibility for businesses of all sizes. The security requirements cost the largest merchants (Level 1), on average, $2.7 million, according to the analyst firm Gartner Inc. Even small merchants (Level 4) might have to spend several thousand dollars on the initial security assessment and new technology and security measures.2 What's more, maintaining PCI compliance is a continuous process that requires constant vigilance and incurs ongoing costs. The penalties for noncompliance can be severe, including the merchant's loss of the ability to accept credit card payments and being audited and/or fined. Still, the relentless drive to protect sensitive cardholder data is vital. Losses stemming from data theft are on the rise. According to the Ponemon Institute, the average cost of coping with a data breach in 2008 rose to $6.6 million—a 40 percent increase since 2006.3 Moreover, the threats are evolving as organized thieves use ever more sophisticated techniques to hack into more merchants' systems to steal sensitive data.All parties involved in processing card transactions have an imperative to continually improve their data security techniques. One of the top reasons a merchant is most likely to fail a PCI audit—and a leading factor in data theft—is the failure to adequately protect stored data. VeriSign Global Security Consulting Services, a division of security services vendor VeriSign, has conducted hundreds of PCI assessments in recent years. Of the merchant companies assessed by VeriSign, 79 percent were cited for the failure to protect stored data and thus failed their assessments.The challenge for merchants is finding and implementing a solution or set of solutions that adequately protects sensitive cardholder data at rest and in motion; that meets the requirements of PCI DSS; and that doesn't slow or impair business processes or decrease profits. Key Takeaways There are several key points for readers to take away and consider in the context of their businesses. J The cost of PCI DSS compliance is vastly underestimated. As the PCI DSS requirements grow more stringent, the cost of attaining, assessing and maintaining compliance grows larger each year. The cost burden falls largely on the millions of merchants that accept credit, debit and prepaid cards in the payment for goods and services. All merchants want to reduce the cost of PCI DSS compliance; some are beginning to do so by shrinking the footprint of the cardholder data environment (CDE)— the computer systems and applications that use or store sensitive card data. Reducing the CDE has the direct effect of lessening a merchant's time and money spent on PCI DSS compliance. J While the cost of complying with PCI DSS and the associated validation mandates are high, the cost of suffering a data breach can be much higher. Victim companies often pay out millions of dollars to contain or repair the damage resulting from a breach. That amount doesn't include the less-quantifiable, but just as critical, brand impairment that lowers the company's market value. The best defense against a data breach is a good offense with data-securing processes and technologies. J Of the 12 PCI DSS requirements, the one area that is most problematic and costly for many companies is requirement #3: protect stored cardholder data. Failure to adequately protect the sensitive data is a leading reason why companies fail their PCI assessments, as well as a leading factor in data theft or exposure. Reasonable attempts to protect the data can be costly, often because the data is used in business applications beyond the initial transaction.Spreading the data across more systems and applications increases the need for protective measures. J Merchants aren't expected to act alone in attempting to contain and even reduce the cost of their PCI DSS compliance. The card payment ecosystem includes many partners who can offer security solutions and assume some of the risks and responsibilities of protecting sensitive data. What Is PCI DSS? The PCI SecurityStandards Council contends that merchant-based vulnerabilities mayappear almost anywhere in the card processing ecosystem. This includes point-of-sale (POS) devices, PCs or servers, wireless hot spots, Web-based shopping applications, paper-based storage systems and the unsecured transmission of cardholder data to service providers. Susceptibilities also can extend to outside systems operated by service providers and acquirers. These vulnerabilities can, and often do, lead to the exposure or theft of sensitive cardholder data, especially at the merchant level. The Verizon Business RISK Team reports that payment card breaches were at the top of the list of all reported data breaches in 2008, far outnumbering other data-type breaches. What's more, fraudulent use of stolen card data was confirmed in 83 percent of the breach cases investigated by the Verizon team.Clearly, all businesses in the electronic payments ecosystem need strong data security measures to mitigate the risk of exposure. This is the premise behind the development of the PCI Data Security Standard. PCI DSS represents the best available framework to guide better protection of cardholder data. Until the PCI standards were published, merchants had little guidance about what specific actions to take to protect sensitive data. The situation was especially vexing for small merchants that lack in-house information technology expertise.Learn more about PCI DSS PCI Security PCI Fee PCI Fees atLearn more at http://www.valuedmerchants.comValued Merchant Services800.531.8575 Main Office877.885.1740 Fax800.228.0210 Customer Servicesales@valuedmerchants.comhttp://www.valuedmerchants.com ...read more
By Valued Merchant Services Detroit March 18, 2011
Making the decision to sell one's stocks can be very confusing if one is a novice. There are a number of factors that should be considered when selling stocks, such as what price one should sell the stocks for and when is a good time to put them on the market. ...read more