Keeping your supporters' credit card information secure is critical to your
operation, as well as ours. We realize the importance of this and we surpass the necessary
standards for keeping the data secure. All credit card information is always encrypted in the
NEON system, and is always securely transmitted. No one - your staff or ours - can ever see
any credit card number that is stored in the NEON system.
NEON surpasses the newly required PCI & DSS security standards recently being
enforced by the credit card industry.
PCI DSS stands for Payment Card Industry Data Security Standard. It was
developed by the major credit card companies as a guideline to help organizations that process card
payments prevent credit card fraud, hacking and various other security vulnerabilities and
threats.
At the core of the PCI DSS is a group of principles and accompanying requirements,
around which the specific elements of the DSS are organized:
Build and Maintain a Secure Network
Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security
parameters
Protect Cardholder Data
Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications
Implement Strong Access Control Measures
Requirement 7: Restrict access to cardholder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data
Regularly Monitor and Test Networks
Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes
Maintain an Information Security Policy
Requirement 12: Maintain a policy that addresses information security
NEON surpasses the PCI DSS security standards and has quarterly security checks in
place.
