Home | My Account | Customer Service |  Shopping Cart Shopping Cart - 0 item(s)
Browse Gift Baskets
  Gifts for Her
  Gifts for Him
  Get Well Gift Baskets
  Wine & Champagne
  Baby & Newborn Gifts
  Holiday Gift Baskets

Gift Baskets by Price
  0-24.99
  25 - 49.99
  50-99.99
  Over $100

New Releases
Get Better Gift Basket
W506C Get Better Gift Basket
Get Well Soup Gift Basket
W558C Get Well Soup Gift Basket
Congratulations Bear Basket
W989C Congratulations Bear Basket
Mailing List
Subscribe to our Newsletter
Subscribe
Unsubscribe

Dropship Business




Ship Wine to 38 States

  Add Us On Facebook
Home > Site Security
 
Site Security

Site Security - PCI Compliance



As of June 19, 2009, NorthPortGiftBaskets.com has officially become PCI DDS compliant. In a growing effort to preserve the integrity of personal information, the PCI Security Standards Council has put forth a series of regulations online business must follow to ensure the security of online shopping. Our backend has met and surpassed all standards outlined by the PCI Security Standards council with flying colors – not only did our backend service invest in over $50,000 of state of the art network security software, but we have proven our security management, security policies, network architecture, and software design are protected and free of any vulnerabilities that may hinder your online business. In addition, all tests were conducted by two third party companies, SecurityMetrics and Plynt, which guarantees no shortcuts were taken in proving our compliancy.
 

What is PCI Compliance?

The PCI security standards are a blanket of regulations set in place to safeguard payment account data security. The council that develops and monitors these regulations are comprised of the leading providers in the payment industry: American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International. Essentially, they define the best practices for storing, transmitting, and handling of sensitive information over the internet.


Security Metrics

SecurityMetrics to run through a series of rigorous tests to authenticate our company abides by all PCI data security standards:

Build and Maintain a Secure Network 
Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Firewalls are computer devices that control computer traffic allowed into and out of a company’s network, as well as traffic into more sensitive areas within a company’s 
internal network. A firewall examines all network traffic and blocks those transmissions that do not meet the specified security criteria.

All systems must be protected from unauthorized access from the Internet, whether entering the system as e-commerce, employees’ Internet-based access through desktop
browsers, or employees’ email access. Often, seemingly insignificant paths to and from the Internet can provide unprotected pathways into key systems. Firewalls are a key protection mechanism for any computer network.

Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

Hackers (external and internal to a company) often use vendor default passwords and other vendor default settings to compromise systems. These Passwords and settings are well known in hacker communities and easily determined via public information.

Protect Cardholder Data 
Requirement 3: Protect stored cardholder data
Encryption is a critical component of cardholder data protection. If an intruder circumvents other network security controls and gains access to encrypted data, without the 
proper cryptographic keys, the data is unreadable and unusable to that person. Other effective methods of protecting stored data should be considered as potential risk
mitigation opportunities. For example, methods for minimizing risk include not storing cardholder data unless absolutely necessary, truncating cardholder data if full PAN is not needed and not sending PAN in unencrypted emails.

Requirement 4: Encrypt transmission of cardholder data across open, public networks

Sensitive information must be encrypted during transmission over networks that are easy and common for a hacker to intercept, modify, and divert data while in transit.

Maintain a Vulnerability Management Program 
Requirement 5: Use and regularly update anti-virus software
Many vulnerabilities and malicious viruses enter the network via employees’ email activities. Anti-virus software must be used on all systems commonly affected by viruses to protect systems from malicious software. 

Requirement 6: Develop and maintain secure systems and applications

Unscrupulous individuals use security vulnerabilities to gain privileged access to systems. Many of these vulnerabilities are fixed by vendor provided security patches. All 
systems must have the most recently released, appropriate software patches to protect against exploitation by employees, external hackers, and viruses.

Implement Strong Access Control Measures 
Requirement 7: Restrict access to cardholder data by business need-to-know
This requirement ensures critical data can only be accessed by authorized personnel.

Requirement 8: Assign a unique ID to each person with computer access
Assigning a unique identification (ID) to each person with access ensures that actions taken on critical data and systems are performed by, and can be traced to, known and authorized users.


Requirement 9: Restrict physical access to cardholder data 
Any physical access to data or systems that house cardholder data provides the opportunity for individuals to access devices or data and to remove systems or hardcopies, and should be appropriately restricted.

Regularly Monitor and Test Networks 
Requirement 10: Track and monitor all access to network resources and cardholder data
Logging mechanisms and the ability to track user activities are critical. The presence of logs in all environments allows thorough tracking and analysis when something does go wrong. Determining the cause of a compromise is very difficult without system activity logs. 

Requirement 11: Regularly test security systems and processes
Vulnerabilities are being discovered continually by hackers and researchers, and being introduced by new software. Systems, processes, and custom software should be tested frequently to ensure security is maintained over time and with any changes in software.

Maintain an Information Security Policy 
Requirement 12: Maintain a policy that addresses information security
A strong security policy sets the security tone for the whole company and informs employees what is expected of them. All employees should be aware of the sensitivity of data and their responsibilities for protecting it.

Plynt Certified

Our Backend has gone above and beyond to ensure the safety of our application by hiring a third party company, Plynt, to deploy penetration and code testing on our software.  Our Backend has met all 23 requirements defined by Plynt to assume Plynt certification.  By becoming Plynt certified, Our  Backend has affirmed our application is resilient to the most complex and logical security attacks known on the internet. 

What Does This Mean for You?

Because our backend maintains a secure network for all of our customers, you, as a merchant, can feel safe with our security software.   Furthermore, we will provide you with the tools you need to prove that your site is PCI Compliant as well.  All backend accounts come with free, quarterly PCI scans which allows you to offer the best payment services to your customers.  Essentially, if you want to process credit cards in your online store, you need to be PCI compliant, and our backend helps you get compliant free of charge.

Plynt Certified

Gift Baskets by Product
Gift Baskets
Assortment
Chocolate/Candy
Tea/Coffee
Cookies
Fruit
Gourmet
Snack
Kosher
Teddy Bear
Wine/Champagne
Spa/Beauty

Gift Baskets by Occasion
Gift Baskets
Anniversary
Birthday
Congratulations
Just Because
Just for Laughs
Graduation
Newborn
Thank You
Wedding
Sympathy

Gift Baskets by Holiday
Gift Baskets
Christmas
Easter
Father's Day
Fourth of July
Mother's Day
New Years
Halloween
Hanukkah
St.Patricks
Thanksgiving
Valentines



  








 
Copyright North Port Gift Baskets - www.northportgiftbaskets.com 2010 (c) . All Rights Reserved. North Port, Florida Gift Baskets, Fortune Cookie Gifts, Upscale Gift Baskets, Best Gifts of 2010 & Unique Gift Ideas From Florida