Security and compliance are key to your institution’s success. The convenience and benefits of allowing credit card payments for your school and your students can’t be stressed enough. With anywhere from 20,000 to 1 million transactions per year, level 3 higher education institutions are likely targets for a data breach. At a time when even the federal government can be successfully hacked, PCI DSS noncompliance can be costly to your institution, not just in the form of fines, but in the potential damage that such a breach can do to your institution’s business and brand.
In a recent EdTech post, freelance journalist Wylie Wong endeavors to provide an overview of the challenges to PCI DSS and an analysis of the risks that may result from noncompliance. Wong begins by defining the controls that are needed to secure your network and protect cardholder data using encryption. The post focuses on the most recent version of the PCI data security standards which must be implemented by the first of February 2018.
Wong offers a number of excellent recommendations including:
- the importance of getting all departments on the same page
- the need to segment your network traffic so that credit card transactions are separate from other data
- recommending outsourcing payment processing to a third-party provider or, if processing remains in-house, considering bringing in a qualified security assessor
With proper training you and your staff can ensure PCI DSS compliance and avoid the high cost of a data breach. For more details, check out the complete post here.