Is AbolitionistSanctuary.org PCI-DSS Compliant

Created by Rev. Dr. Nathan C. Walker, Modified on Sat, 27 May, 2023 at 10:35 AM by Rev. Dr. Nathan C. Walker

Yes. AbolitionistSanctuary.org is PCI-DSS compliant. Please see the following excerpts from the WooCommerce that explain the ways in which we meet these security standards.


What is PCI-DSS?


PCI-DSS (Payment Card Industry Data Security Standard) is a set of actionable rules defined by the Payment Card Industry Security Standards Council to encourage the broad adoption of consistent data security measures around the world with an aim to reduce credit card fraud. These rules apply to anyone who stores, processes, or transmits cardholder data. For more information about PCI-DSS, please review the Quick Reference Guide here.


How Does PCI-DSS Meet Core Requirements?


AbolitionistSanctuary.org meets the following 12 core PCI-DSS requirements:


GOALSPCI-DSS REQUIREMENT
Build and Maintain a Secure Network
  1. AbolitionistSanctuary.org installs and maintains a firewall configuration to protect cardholder data by using Wordfence and WooCommerce software.
  2. AbolitionistSanctuary.org does not use vendor-supplied defaults for system passwords and other security parameters.
Protect Cardholder Data
  1. AbolitionistSanctuary.org never stores card details because WooCommerce and Stripe does never store more than 4 digits of a card number if storing payment tokens for re-use.
  2. AbolitionistSanctuary.org enforces SSL on user checkout pages.
  3. AbolitionistSanctuary.org encrypts transmission of cardholder data across open, public networks.
Maintain a Vulnerability Management Program
  1. AbolitionistSanctuary.org uses and regularly update anti-virus software through WordPress, Wordfence, BuddyBoss, and LearnDash software updates.
  2. AbolitionistSanctuary.org develops and maintains secure systems and applications through Amazon Web Service, RunCloud.io, and BobCares Server Administrators. 
Implement Strong Access Control Measures
  1. AbolitionistSanctuary.org restricts access to cardholder data by business need-to-know;
  2. AbolitionistSanctuary.org assign a unique WordPress ID to each person with computer access;
  3. AbolitionistSanctuary.org restricts physical access to cardholder data by using WooCommerce and Stripe software that does not give any staff member access to full cardholder data.
Regularly Monitor and Test Networks
  1. AbolitionistSanctuary.org uses a variety of security checks in WordPress, Wordfence, and WooCommerce to track and monitor all access to network resources and user data;
  2. AbolitionistSanctuary.org regularly tests security systems and processes.
Maintain an Information Security Policy
  1. AbolitionistSanctuary.org maintain a privacy policy and terms and conditions policy that addresses information security.


Please note that AbolitionistSanctuary.org uses Wordfence, an authorized by the Common Vulnerabilities and Exposures (CVE®) Program as a CNA, or CVE Numbering Authority. As a CNA, Wordfence assigns CVE IDs for new vulnerabilities in WordPress Core, WordPress Plugins and WordPress Themes.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article