Is EducationLaw.org PCI-DSS Compliant?

Yes. EducationLaw.org is PCI-DSS compliant. Please see the following excerpts from WooCommerce that explain the ways in which we meet these security standards.


What is PCI-DSS?


PCI-DSS (Payment Card Industry Data Security Standard) is a set of actionable rules defined by the Payment Card Industry Security Standards Council to encourage the broad adoption of consistent data security measures around the world with an aim to reduce credit card fraud. These rules apply to anyone who stores, processes, or transmits cardholder data. For more information about PCI-DSS, please review the Quick Reference Guide here.


How Does PCI-DSS Meet Core Requirements?


EducationLaw.org meets the following 12 core PCI-DSS requirements:


GOALS PCI-DSS REQUIREMENT
Build and Maintain a Secure Network
  1. EducationLaw.org installs and maintains a firewall configuration to protect cardholder data by using Wordfence and WooCommerce software.
  2. EducationLaw.org does not use vendor-supplied defaults for system passwords and other security parameters.
Protect Cardholder Data
  1. EducationLaw.org never stores card details because WooCommerce and Stripe never store more than 4 digits of a card number when storing payment tokens for re-use.
  2. EducationLaw.org enforces SSL on user checkout pages.
  3. EducationLaw.org encrypts transmission of cardholder data across open, public networks.
Maintain a Vulnerability Management Program
  1. EducationLaw.org uses and regularly updates anti-virus software through WordPress, Wordfence, BuddyBoss, and LearnDash software updates.
  2. EducationLaw.org develops and maintains secure systems and applications through Amazon Web Services, RunCloud.io, and BobCares Server Administrators.
Implement Strong Access Control Measures
  1. EducationLaw.org restricts access to cardholder data by business need-to-know;
  2. EducationLaw.org assigns a unique WordPress ID to each person with computer access;
  3. EducationLaw.org restricts physical access to cardholder data by using WooCommerce and Stripe software that does not give any staff member access to full cardholder data.
Regularly Monitor and Test Networks
  1. EducationLaw.org uses a variety of security checks in WordPress, Wordfence, and WooCommerce to track and monitor all access to network resources and user data;
  2. EducationLaw.org regularly tests security systems and processes.
Maintain an Information Security Policy
  1. EducationLaw.org maintains a privacy policy and a terms and conditions policy that address information security.


Please note that EducationLaw.org uses Wordfence, which is authorized by the Common Vulnerabilities and Exposures (CVE®) Program as a CNA, or CVE Numbering Authority. As a CNA, Wordfence assigns CVE IDs for new vulnerabilities in WordPress Core, WordPress Plugins and WordPress Themes.
