PCI cyber security compliance for charity retailers
The PCI DSS (Payment Card Industry Data Security Standard) version 3.1 standard dictates that an internally managed network security scanning and log auditing process must be established by all retailers who handle major credit and debit cards – specifically they must perform routine systems vulnerability scans and auditing of server/network access log files – which sadly isn’t in place within many charity retail operations.