For those not knowing the Internet Acronym used in the title look here: Wiktionary
So I have a few clients with online stores of one type or another, mainly they trade as an online arm of an existing business, though this isn’t the case in all circumstances.
For those not knowing the process to get an online store – it entails getting a merchant ID (something the banks will say they can sort in about 5 days, though experience tells us it takes on average 6-10 weeks! ).
Part of this process is the security of the websites – something which I believe most online businesses should take more seriously – Enter the PCI Compliance system.
This is a system which simulates a site infiltration via several known methods - and gives a report that indicates the level of security that the site has. On the face of it a good thing…
Firstly, the tests that are performed can (and do) fail in their execution, on some sites.
This may mean that, even though the security may be above and beyond the level required for compliance, the site will get a ‘failed’ rating because the tests cannot get in.
Surely this is the point, if you cannot get in does that not indicate a secure site?
Secondly, the tests require that some access points to sites (such as those used by known management systems) must be disabled.
This means that common systems used to control and configure systems cannot be used (The router that connects you to the outside world usually has a web based control panel accessible externally, to pass this must be disabled).
This makes my support to the clients EXTREMELY difficult If I cannot connect remotely to their systems.
This all makes sense when you realise that, even though PCI compliance is NOT required, nor even recognised by some providers, the banks will charge you a monthly fee if you are not compliant…
Believe me when I say that it’s VERY easy to be ‘Non compliant’
Call me a cynic if you will!
Call us to request your FREE mini audit of your computers, server (if you have one) and network. 08456 340599.
After this We GUARANTEE to be able to add value to your business.
We will analyse your computer systems, identify problem areas and advise you on how these problems can be removed so your business can run more efficiently
Will give you impartial advice from a position of knowledge – for no more than the cost of a cup of tea.
Free IT audit is available to businesses within West Yorkshire, UK.