Introduction to PCI Compliance – 12 Rules Every Hotel Lives By

PCI DSS, or Payment Card Industry Data Security Standard, is a globally accepted set of security regulations designed to protect all companies that accept, process, store, and transmit credit card information.

The primary purpose of the standards is to create a secure environment for payment processing and card data storage. The standards are regulated, monitored, and updated by the PCI SSC, commonly known as the Payment Card Industry Security Standards Council. The council, set up in September 2007, focuses on improving payment security throughout the transaction process.


Payment processors and merchants, not the PCI Council, are responsible for enforcing PCI compliance rules on their own. PCI compliance is built on 12 rigorous and comprehensive rules.

1. Network Firewalls – Install and maintain a firewall configuration to protect cardholder data.

2. Stronger Custom Passwords – Do not use vendor-supplied defaults for system passwords and other security parameters.

3. Data Security – Protect stored cardholder data.

4. End to End Data Encryption – Encrypt transmission of cardholder data across open, public networks.

5. Threat Detection & Protection – Use and regularly update antivirus software.

6. Compliant Hardware & Software – Develop and maintain secure systems and applications.

7. Staff Authorization & Access Controls – Restrict access to cardholder data by business need-to-know.

8. Certified Access IDs – Assign a unique ID to each person with computer access.

9. Secure Storage – Restrict physical access to cardholder data.

10. Network Monitoring – Track and monitor all access to network resources and cardholder data.

11. System Maintenance & Testing – Regularly test security systems and processes.

12. Information Technology Security Policy Development – Maintain a policy that addresses information security.

Concluding Remarks

As hotels increase their payment touch points across properties, PCI compliance becomes more and more relevant with every growing POS system.

At Advanced Hospitality Technologies, we ensure your technology infrastructure is compliant with PCI rules and your hotel staff is equipped with all the latest knowledge to handle safe POS transactions.

Give our team a call today to have your hotel evaluated for PCI compliance standards. Our expert team will assist you with all necessary requirements and provide your employees with all the latest industry best practices to ensure your asset is powered by a PCI compliant payment system.