When a business is financially safe from fines and penalties that a business would normally incur from a card data breach, they are said to be inSafe Harbor. To attain Safe Harbor status a business must validate and maintain full PCI compliance at all times.
Visa defines Safe Harbor as the following:
“Safe Harbor provides members protection from Visa fines and compliance exposure in the event its merchant or service provider experiences a data compromise.”
Computer network and software application weaknesses are discovered by criminals daily. Last October, the PCI standard changed from PCI DSS 1.2 to PCI DSS 2.0 to clarify, expound, and evolve certain requirements in effort to protect against emerging criminal trends.
Many PCI compliant businesses may not realize PCI validation needs to take place either quarterly, or yearly, depending on how payment cards are processed. Staying current with the PCI standard must be part of a business’ culture to continually prevent theft and fraud. See if your business maintains Safe Harbor by checking your PCI compliance status at your SecurityMetrics account. Visit www.securitymetrics.com/login.adpto sign in.