PCI / DSS Security


The NextLevelShopper e-commerce application has been scanned by McAfee to ensure compliance with PCI / DSS standards. The hosted network environment that supports the NextLevelShopper e-commerce application is also scanned by McAfee and is compliant with PCI / DSS standards. However, for your company to be PCI / DSS compliant, you will need to fill out a questionnaire and perhaps create or change your company's policies regarding the management of sensitive data. NextLevelObjects works with McAfee to help you fill out this questionnaire. Once you have successfully filled out the questionnaire and supplied evidence of web application and system compliance (which NextLevelObjects provides), you will receive a Certificate of Compliance.

The Certificate of Compliance provides evidence that your company has shown prudence in protecting sensitive data and is compliant with PCI / DSS requirements. You can show this certificate to anyone interested (e.g., banks, investors, lawyers, customers, suppliers).

Becoming PCI / DSS compliant offers several benefits:
  • The additional security measures your company takes will make it more difficult for criminals to hack into your system, steal sensitive data and disrupt business operations.
  • In the event of a successful attack, the Certificate of Compliance shows that you did all you could to prevent the attack, and therefore reduces any liability for negligence (it is important that your new policies are implemented and monitored).
  • Your company can use the Certificate of Compliance as a marketing tool. Many knowledgeable web site visitors are comforted by the fact that a firm is PCI / DSS compliant. This information can be advertised on the web site, or elsewhere.

It is important to note that even if you do not have an on-line shopping cart but do handle credit card data (e.g., over the counter), you must still abide by PCI / DSS policies. Failure to do so can result in the credit card companies revoking your credit card privileges. Therefore, it behooves you to become PCI / DSS compliant, even if you don't have an on-line shopping cart.