Security is the foundation of compliance.
Payment Card Industry Data Security Standard (PCI DSS) is applicable to your business if you store, transmit or process cardholder data.
Many organisations around the world – particularly those that fall below the top tier of payment card transaction volumes – may require.
All businesses that accept payment cards are prey for hackers and criminal gangs. A lack of understanding of PCI DSS compliance, combined with the fact that targeting your business is easier and cheaper than ever before with the rising use of attack automation techniques, increases risk in this hostile cyber environment, it’s never been more important to shore up defences.
A PCI compliance overview from dcs associates includes the following:
- Site Visit
- PCI Compliant Scan
- PCI DSS approved scanning vendor
- External Scan(s)
- Internal Network Vulnerability scan
- identify real and potential vulnerabilities inside the network
- Investigation into current internal protection software
- Investigation into cardholder data environment and recommendations for reducing footprint
- Security Health Check
- Liaison with the hotel to gather information prior to site visit
- Microsoft network Security Policy Generator
- Overview Report and summary
- Best practice recommendations
PCI is not, in itself, a law. The standard was created by the major card brands (Visa, MasterCard, Discover, AMEX and JCB) – at their acquirers’/service providers’ discretion. Merchants that do not comply with PCI DSS (and suffer a breach event) may be subject to fines, card replacement costs, costly forensic audits, brand damage, etc.
dcs associates can assist organisations with their PCI compliance. Which will greatly help reduce the risk from facing the extremely unpleasant and costly consequences.