Why PCI-DSS is important for you
Your ability to process credit cards may be at risk. According to Data
Security Standards, you must be using a PCI-DSS compliant payment application by July 1, 2010
PCI-DSS is a set of requirements for enhancing payment account data security. Its standards include
requirements for security management, policies, procedures, network architecture, software design,
and other measures created to protect customer account data. Developed by American Express, Discover
Financial Services, JCB, MasterCard Worldwide, and Visa International (the founders of the PCI Security
Standards Council), PCI-DSS is designed to facilitate global adoption of consistent data security measures.
There are 12 requirements that fall into six categories:
- Build and Maintain a Secure Network: Install and maintain a firewall and use unique, high-security,
passwords with special care to replace default passwords.
- Protect Cardholder Data: Whenever possible, cardholder data must not be stored. You must also encrypt
any data passed across public networks, including your shopping cart and web-hosting providers.
- Maintain a Vulnerability Management Program: Use anti-virus and keep it up date. Develop and maintain
secure operating systems and payment applications. Ensure the applications you use are compliant
- Implement Strong Access Control Measures: Access to cardholder data – both electronic and physical –
should be on a "need-to-know" basis. Ensure those people with access have a unique ID and password.
Do not share logon information.
- Regularly Monitor and Test Networks: Track and monitor all access to networks and cardholder data. Ensure you
have a regular testing schedule for security systems and processes including firewalls, patches and anti-virus.
- Maintain an Information Security Policy: It's critical that your organization has a resource for governing your
company’s data security. Ensure you have a policy and that it's disseminated and updated regularly.
Although Sage ERP Accpac does not process or transmit credit card data, it does store data. To help you
comply with PCI - DSS requirements, Sage has created a Scrub Utility to safely remove this data.
In addition to much more information, this utility is available for download at
For help accessing the utility or for more information on compliance requirements
CLICK HERE or call us at 425-402-4000 now.
©Copyright Forepoint LLC All rights reserved. Reproduction in whole or in part without permission
is prohibited. The capabilities, system requirements and/or compatibility with third-party products
described herein are subject to change without notice. Other product names used herein are trademarks
of their respective owners.
This Web site is owned by Forepoint LLC. Forepoint LLC is independent from Sage Software and is not
authorized to make any statement, representation or warranties or grant any license or permission on
behalf of Sage Software regarding any Sage Software product, service or Web site content.
Certain materials made available on or through this Web site are owned by Sage Software and cannot be
used without Sage Software’s prior written permission.