Modified on: Friday, March 8, 2024 at 06:52 AM Eastern
Yes. EducationLaw.org is PCI-DSS compliant. Please see the following excerpts from WooCommerce that explain the ways in which we meet these security standards.
What is PCI-DSS?
PCI-DSS (Payment Card Industry Data Security Standard) is a set of actionable rules defined by the Payment Card Industry Security Standards Council to encourage the broad adoption of consistent data security measures around the world with an aim to reduce credit card fraud. These rules apply to anyone who stores, processes, or transmits cardholder data. For more information about PCI-DSS, please review the Quick Reference Guide here.
How Does EducationLaw.org Meet Core PCI-DSS Requirements?
EducationLaw.org meets the following 12 core PCI-DSS requirements:
GOALS
PCI-DSS REQUIREMENT
Build and Maintain a Secure Network
EducationLaw.org installs and maintains a firewall configuration to protect cardholder data by using Wordfence and WooCommerce software.
EducationLaw.org does not use vendor-supplied defaults for system passwords and other security parameters.
Protect Cardholder Data
EducationLaw.org never stores card details because WooCommerce and Stripe never store more than 4 digits of a card number when storing payment tokens for re-use.
EducationLaw.org enforces SSL on user checkout pages.
EducationLaw.org encrypts transmission of cardholder data across open, public networks.
Maintain a Vulnerability Management Program
EducationLaw.org uses and regularly updates anti-virus software through WordPress, Wordfence, BuddyBoss, and LearnDash software updates.
EducationLaw.org develops and maintains secure systems and applications through Amazon Web Service, RunCloud.io, and BobCares Server Administrators.
Implement Strong Access Control Measures
EducationLaw.org restricts access to cardholder data by business need-to-know.
EducationLaw.org assigns a unique WordPress ID to each person with computer access.
EducationLaw.org restricts physical access to cardholder data by using WooCommerce and Stripe software that does not give any staff member access to full cardholder data.
Regularly Monitor and Test Networks
EducationLaw.org uses a variety of security checks in WordPress, Wordfence, and WooCommerce to track and monitor all access to network resources and user data.
EducationLaw.org regularly tests security systems and processes.
Maintain an Information Security Policy
EducationLaw.org maintains a privacy policy and a terms and conditions policy that address information security.
Please note that EducationLaw.org uses Wordfence, which is authorized by the Common Vulnerabilities and Exposures (CVE®) Program as a CNA, or CVE Numbering Authority. As a CNA, Wordfence assigns CVE IDs for new vulnerabilities in WordPress Core, WordPress Plugins and WordPress Themes.