Hello, hello, hello! 👋🏻 Are you properly storing your customers’ information? We’re not talking just names and addresses — you need to make sure their credit card information is secured with PCI compliance.

“It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.” – Stephane Nappo

Have you ever heard of PCI compliance? If not, then you could be unknowingly compromising your customer credit card information.

Think about the recent Equifax breach. A lot of customers had their information compromised. While that breach has ended in a $650 million class-action settlement, that was just a drop in the bucket for the impact it had on the company.

If your business uses online storefronts and order processing to conduct sales, then you need to make sure a breach doesn’t happen to you.

PCI, aka Payment Card Industry, is an authority figure in online data protection that works in the interest of customers. PCI compliance is the set of standards for protecting customer credit card information.

Small business PCI compliance consists of using firewalls and secure software to store customer information so it can’t be accessed by anyone — in most cases, even you. Because the information is encrypted so that even if someone were to walk by your open computer, they couldn’t snag any customer information.

How Not to Store Credit Card Information

Remember, never store credit card information in:

  • Excel spreadsheets
  • Stickie notes or notebooks
  • Emails
  • Unencrypted Databases

In fact, you should never store the entire credit card number at all — even in an encrypted database. Most modern card processors allow you complete the transaction without ever storing the card info on your own stuff.

It’s important to know that PCI compliance has different levels of regulations, increasing in strictness depending on how much the business does in sales. However, for small business PCI compliance, a merchant must do less than $20,000 e-commerce transactions per year.

You may use a third-party transaction-processing company to store and secure your customer information, but be aware that you will still be responsible if a breach were to occur. Make sure you partner with a trusted web design and e-commerce site design company to ensure you are practicing PCI compliance.

Because how would you feel if your credit card information was stolen due to someone else’s negligence?


Determine whether you or your credit card processing partners are PCI-compliant. If not, then start taking steps to protect stored cardholder information.

Awesome Stuff I Read This Week

Secure Your Online Sales

Escape Plan MarketingEscape Plan creates custom, secure websites so you can sell online with confidence. Let me buy you a cup of coffee and show you how.

Let’s grab coffee soon,

Drew Horine
Drew Horine, Founder & Chief Creative