This post is part of the Getting Started with PCI-DSS Compliance series.
The Zeroth Step: Urgent Remediation
Before we get into the meat of the series, let me emphasize the importance of taking a risk-prioritized approach from day one. Compliance should not be your motivation. Iron-clad protection of sensitive cardholder data should be your goal. Compliance will follow naturally… eventually. The subtext here is that while you develop your compliance strategy, high-risk activities should be identified and addressed immediately.
We recommend scheduling interviews with representatives from each line of business that owns a merchant account as soon as possible.