PCI Compliance

PCI Compliance Services


The security benefits associated with maintaining PCI compliance are vital to the long-term success of all companies that process card payments. Understanding the Payment Card Industry Data Security Standards and achieving compliance with them helps you to ensure healthy and trustworthy payment card transactions for your customers. PCI is vital to assuring the safety of transactions carried out by hundreds of millions of people worldwide who use their cards every day.

We are experienced at delivering independent assessments of clients' PCI compliance status, ensuring that your data security obligations are met today and, through a process of regular review, going forward.

In view of the imminent requirement to adhere to the General Data Protection Regulation (GDPR) in early 2018, it is vital for businesses to be creating a compliance plan now. Why?

Necessary for

  • Regulatory compliance
  • Avoidance of fines
  • Peace of mind
  • Reducing financial risk
  • Customer confidence
  • Maintaining trust with customers
  • Maintaining company image
  • Maintaining and acquiring new business

Payment Card Industry Data Security Standards

The PCI Compliance Approach: Maintaining Payment Security

All companies, large or small, that store, process or transmit cardholder data must be aware of their obligations to protect that data. We provide an independent service to help you comply today, tomorrow and in the future.

The Payment Card Industry provides a framework of Data Security Standards. These are the technical standards for companies that accept or process payment transactions. We provide you with a no-nonsense approach to meeting those standards and obligations.

Payment security is a fundamental part of your business process, and any shortcomings can have massive negative impacts on your company in both financial and reputational terms.

As the official PCI Security Standards Council website succinctly states:


“If you accept or process payment cards, the PCI Data Security Standards apply to you”.

Helping you to meet your PCI DSS Compliance requirements

PCI DSS compliance check list

PCI DSS sets out 12 requirements that fall into 6 categories:

Build and Maintain a Secure Network

PCI DSS Requirements:

1. Install and maintain a firewall configuration to protect cardholder data

2. Do not use vendor-supplied defaults for system passwords and other security parameters

Tamite Secure IT – Compliance check list:

Setting out a strategy for the ongoing monitoring, testing and documentation to ensure continued compliance.

Protect Cardholder Data

PCI DSS Requirements:

3. Protect stored cardholder data

4. Encrypt transmission of cardholder data across open, public networks

Tamite Secure IT – Compliance check list:

Ensure all aspects meet requirements under GDPR and comply with PCI DSS requirements.

Maintain a Vulnerability Management Program

PCI DSS Requirements:

5. Use and regularly update anti-virus software or programs

6. Develop and maintain secure systems and applications

Tamite Secure IT – Compliance check list:

Evaluation of existing security processes and ensuring that going forward they are fulfilling their roles; understanding the role of patching and updating of applications and services; and the ongoing role of penetration testing.

Implement Strong Access Control Measures

PCI DSS Requirements:

7. Restrict access to cardholder data by business need-to-know

8. Assign a unique ID to each person with computer access

9. Restrict physical access to cardholder data

Tamite Secure IT – Compliance check list:

Provide a strategy for your business to be able to demonstrate management of credentials and access policy.

Regularly Monitor and Test Networks

PCI DSS Requirements:

10. Track and monitor all access to network resources and cardholder data

11. Regularly test security systems and processes

Tamite Secure IT – Compliance check list:

Demonstrate that logging and monitoring of systems are consistently carried out and, if necessary, uprate the regime.

Maintain an Information Security Policy

PCI DSS Requirements:

12. Maintain a policy that addresses information security for employees and contractors

Tamite Secure IT – Compliance check list:

Documentation and HR policies that cover your obligations and create an environment where data security is central to IT Strategy.

Training – Documentation – Monitoring – Updating

 

 

 
