More people agree: Don't store customer data internally

It seems that everyone's talking about payment security and PCI compliance these days. It's such a crucial factor for organizations because in today's uncertain economy, everyone is being more careful with their money. Businesses won't work with vendors if they feel their funds aren't safe in their hands. 

It seems that not only are more people agreeing about the importance of security, they are also coming to an agreement as to how to ensure customer information is protected. An article in the Globe and Mail lists ten ways to tighten payment security, and almost all of them tie into what we believe at VantageB2B - keeping information away from internal systems.

The piece talks about the importance of not storing sensitive information in a way that it can be the victim of a targeted attack. One way to do this is by not storing credit card numbers.

"To avoid one of the biggest PCI compliance risks, do everything in your power to not store credit cards numbers," the article says. "Look for a payments provider whose platform is designed so credit card information is never stored at your business site or directly on your business software."

Tokenization is the ideal solution here. Suppose you are a dealer of business technology systems and your customers are paying with purchasing cards. Don't store that information onsite. It is vulnerable and, if it is compromised, you could suffer from a severe reputational hit that will not only cause you to lose the business of that customer, but likely others as well. 

Tokenization will store that information offsite and ensure that it is protected from a targeted attack. This will go a long way toward maintaining PCI compliance. 

by Ty Hardison

Share this Post
Share to Facebook Share to Twitter Share to Google+ Share to LinkedIn More...



Reference Guides

Complete our contact form and we'll send you a link to download our Quick Reference Guides covering the essentials of accepting purchasing cards including best practices, Interchange rates & fees and card data security.