Day Two of Five: Rough guide to credit card and PCI issues in travel

NB: This is a guest post by Merchant Link, providers of security and support for credit card transaction and payment systems.

Day Two: Easy things you can do that cost little or no money

credit card2

Merchants are easily overwhelmed when it comes to achieving PCI compliance and securing credit card information.

Most already know that they must do more when it comes to protecting their customers’ data, but most feel they don’t have the time or money to do it properly.

Still, without security and trust, customers will start to disappear. But let’s be honest – hotel owners and operators are not security experts.

In today’s economy, most operators are more concerned with keeping their doors open.

So as the PCI Council continues to add more steps and requirements to the standards, most of these operators clearly aren’t able to spend the time, resources nor do they have the expertise to ensure that they are compliant.

So let’s start with some easy steps that can help you adhere to the standards without costing you too much time or money. These are the basics:

  • Block the unwanted: Install a firewall to block unauthorized access to your computer systems.  Consumer-grade firewalls require minimal configuration and cost very little.
  • Patch your systems: When a POS application or system vulnerability is identified, a patch is typically released by the vendor to protect your systems from being exploited.  Most patches can be downloaded and installed automatically and are free.
  • Use strong passwords: Change passwords on a regular basis and ensure you are using a combination of letters, numbers, and special characters.  Passwords should be easy to remember but hard for others to guess.  This is an easy, cost-free security measure.
  • Know where the data is: Determine where credit card data is stored on the network. Is there an inventory? When is it essential to have it stored? Most organizations can probably eliminate 50% of credit card data they store. If credit card data is not stored on your systems, the scope of your PCI compliance audit can be significantly reduced.

Using a multi-layered approach to secure critical assets needs to be a priority. If the hotel’s systems are secure, compliance will fall into place.

NB: This is a guest post by Merchant Link, providers of security and support for credit card transaction and payment systems. Follow on Twitter.

Share on FacebookTweet about this on TwitterShare on LinkedInEmail to someone
 
 
Viewpoints

About the Writer :: Viewpoints

A founding principle of tnooz was a diversity of viewpoints from across the spectrum. Viewpoints are articles by guest contributors from around the travel and hospitality industries. The views expressed are the views and opinions of the author and do not reflect or represent the views of his employer, tnooz, its writers, or partners.

 

Comments

Your email address will not be published. Required fields are marked *

  1. Day Five of Five: Rough guide to credit card and PCI issues in travel | Tnooz

    […] Day Two: Easy things you can do that cost little or no money […]

     
 
 

Newsletter Subscription

Please subscribe now to Tnooz’s FREE daily newsletter.

This lively package of news and information from Tnooz’s web site provides a convenient digest of what’s happening in technology that drives the global travel, tourism and hospitality market.

  • Cancel