PCI Compliance
Since the inception of the PCI compliance program, most merchants have been shielded from the process and procedural changes, until now. Figuring out how to become compliant is, in some cases, more than frustrating; it's expensive.
While the requirements are set in stone, the ways to achieve compliance are not. Sterling can offer solutions that can not only reduce your frustration, but eliminate the majority of the cost.
If you find yourself ready to throw in the towel, contact our PCI experts and we'll help you find a solution that makes sense.
There are three ongoing steps for adhering to the PCI DSS:
- Assess: identifying cardholder data, taking an inventory of your IT assets and business processes for payment card processing, and analyzing them for vulnerabilities that could expose cardholder data.
- Remediate: fixing vulnerabilities and not storing cardholder data unless you need it.
- Report: compiling and submitting required remediation validation records (if applicable), and submitting compliance reports to the acquiring bank and card brands you do business with.
PCI DSS follows common-sense steps that mirror best security practices. The DSS applies globally to all entities that store, process or transmit cardholder data. PCI DSS and related security standards are administered by the PCI Security Standards Council, which was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Participating organizations include merchants, payment card issuing banks, processors, developers and other vendors.
