What happens if you don’t store, process, or transmit credit or debit cardholder data—yet one of your vendors or customers demand that you be PCI Compliant?
Be prepared for an important customer to expect you to meet regulations that don’t even apply to you.
If you know what’s good for you, you’ll get the certifications so that your customer feels comfortable working with you rather than leaving you for one of your competitors.
We are seeing that more and more. Some of our customers only process less than 2000 credit or debit card transactions in a year. Yet, one of their customers demands that the company be PCI certified to the level of a company that processes more than six million transactions per year.
On the “bright side,” if one company wants you to be certified, you can advertise the fact that you are certified to other customers and prospects. That can set you apart from your competitors and make your organization more attractive.
Another advantage is, after you go to all of the trouble to become and remain certified, there is a good chance your network is more secure than it was before.