If you came here looking for "PCI certification," then let us tell you that such a thing doesn't exist. Confused? Well, you should be. But relax, as not everything you've heard or known about PCI is incorrect. There is an important thing called "PCI compliance" you should know about! In this article, we'll be talking about PCI compliance, whether you need to follow it, and how it can help your business. And we’ll be using the word “PCI certification” throughout the rest of the article for the ease of your understanding. But before we do that, let’s first time-travel a bit.
What Is an ASV Vulnerability Scan?
Perhaps the most vilified of all the Payment Card Industry Data Security Standard (PCI DSS) requirements is number 11 — that all organizations accepting payment must perform quarterly scans by an approved scan vendor. These are also known as ASV vulnerability scans. But that’s not all, either. If your organization accepts payment cards, regardless of what level you’re at, compliance is a must.
How Much Does PCI Compliance Cost?
Companies and organizations loathe compliance. It requires attention, labor and expenses to be assumed and there’s really no profit involved. That leads compliance frameworks like Payment Card Industry Data Security Standards (PCI DSS) with a rather onerous reputation, that — in some cases — really isn’t deserved.