Week 2Q Compliance with Laws and Regulations
School: Prince George's Community College, Largo
Course: 413
Subject: Information Systems
Date: Nov 24, 2024
Type: docx
Pages: 1
Uploaded by seth7up.sf
CSIA 413 Week 2 Discussion: Compliance with Laws and Regulations
Red Clay Renovations is steadily expanding its customer base by helping individuals improve their houses and livelihoods. We continually process credit card transactions, which requires Red Clay to be compliant with PCI DSS in order to keep processing credit cards without fines. Fines can be exorbitant; however, the PCI fines are minor compared with the credit monitoring fees, lawsuits, and actions by both the federal and state governments that may arise if you are not fully PCI DSS compliant (Petters, 2020). To steer clear of these heavy fines, it is essential to fulfill three PCI DSS criteria: safeguard stored cardholder information, encrypt cardholder data transmission across unsecured or public computer networks, and frequently update anti-virus software or tools to safeguard all systems from any sort of malware.
Three PCI DSS standards must be considered. The first is to secure stored cardholder information: “entities that accept payment cards are obligated to protect customer data and prevent illegal use of it, whether the data is printed or kept locally, or whether it is delivered to a remote server or service provider via an internal or public network” (PCI Security Standards Council, 2018). The next standard is encrypting cardholder data transmission over open networks, which covers any network to which the device may connect, such as mobile networks. Finally, protect all computers from malware and keep anti-virus software or programs up to date. This means that any in-scope systems that process, store, or transfer PCI data require anti-malware and anti-virus programs that function properly and are updated frequently to assure compatibility.
As previously stated, these are only three of the twelve PCI DSS standards. We shall face no penalties if we continue to comply with the PCI Security Standards Council. In addition, there are four levels of PCI compliance that need to be met, and these regulatory criteria are enforced by card issuers Visa and Mastercard. Red Clay's compliance level would be determined by the number of transactions performed each year. “Visa complicates your life by retaining the right to adjust your level standards to a more stringent level regardless of the number of transactions handled every year. For example, if you meet Level 4 compliance, you must now follow Level 1 regulations.” (WHOA, n.d.).
References
Petters, J. (2020, March 29). What is PCI Compliance: Requirements and Penalties. Varonis.com. https://www.varonis.com/blog/pci-compliance/#:~:text=Penalties%20for%20PCI%20Compliance%20Violations&text=Fines%20vary%20from%20%245%2C000%20to,a%20small%20business%20into%20bankruptcy
PCI Security Standards Council. (2018, July). PCI DSS Quick Reference Guide: Understanding the Payment Card Industry Data Security Standard version 3.2.1. PCI Security Standards Org. https://www.pcisecuritystandards.org/documents/PCI_DSS-QRG-v3_2_1.pdf?agreement=true&time=1592963439288
WHOA. (n.d.). Levels of PCI Compliance. Whoa.com. https://www.whoa.com/levels-of-pcicompliance/