PCI Compliance | Consultancy Services | Services

By: Integrity Solutions  05/12/2011
Keywords: access control, information security, Security Policy

If your organisation electronically holds, transmits or processes credit card information, regardless of how that information was acquired, then it is required by the Payment Card Industry (PCI) to comply with its Data Security Standard (DSS).


PCI Compliance Requirements

The PCI DSS requires merchants to:
• Build and Maintain a Secure Network
• Protect Cardholder Data
• Maintain a Vulnerability Management Program
• Implement Strong Access Control Measures
• Regularly Monitor and Test Networks
• Maintain an Information Security Policy

The Data Security Standard (DSS) is a complicated mix of best practices, technologies, policies and operational procedures. While all merchants and service providers are required to comply with all 220+ items in the standard, there is sufficient flexibility to allow each covered entity to comply in the manner that best suits the organization. However, this flexibility also creates an opportunity to misinterpret the requirements, resulting in a false state of compliance.


By engaging Integrity Solutions Ltd as your PCI compliance partner, you will gain access to Integrity’s expertise in validating your current compliance state. Beyond this initial evaluation, we also provide detailed recommendations in the form of individual projects that are necessary in order to come into compliance.

Our expertise in designing and implementing security technologies ensures that our recommendations are based on realistic expectations for security and on-going management while minimizing the impact on “the business”.

Our approach starts with understanding your business environment and your objectives. The goal of this understanding is to become an extension of your team and provide recommendations on how to comply with the DSS while minimizing the intrusion on established business operations. Our consultant will spend sufficient time with your IT staff and business leadership to learn the ways in which your company interacts with cardholder data and during this time they will measure your current compliance with each of the requirements in the standard.

With “current state” information at hand, we will analyse all of the gaps in your compliance program and make targeted, detailed and realistic recommendations to address each gap. The outcome of this analysis is a final report that embodies the remediation program necessary to come into compliance. 

Keywords: access control, information security, Security Policy

Contact Integrity Solutions

Email - none provided

Print this page

Share

Other products and services from Integrity Solutions

05/12/2011

Services | Integrity Solutions

Integrity Solutions offers a complete portfolio of Security Services designed to give you the most effective service to match your needs and requirements, ranging from break fix support to fully monitored and managed services, across all organisation sizes. We spend time getting to know our customers and understand that our customers place their trust in us to deliver a service that will protect their assets and benefit them in the future.


05/12/2011

Consultancy Services | Services | Integrity Solutions

Our services cover the complete risk cycle and will help you understand your current infrastructure, assess weaknesses and gaps, meet compliance requirements and reduce overall risk to your organisations assets. Our team of expert consultants provides a wide range of consultancy services to advise and guide you in making informed decisions on your optimal service needs.


05/12/2011

Security & Vulnerability Assessment | Consultancy Services | Services

Through our Security & Vulnerability Assessment we carry out an examination of your current security profile, using non-invasive and transparent investigative tools, to give you an overview of your existing infrastructure and highlights all vulnerabilities which could be exploited.


05/12/2011

Penetration Testing | Consultancy Services | Services

The Penetration Testing service from the Integrity Solutions Risk Analysis and Security Practice helps you identify network perimeter vulnerabilities that unauthorized users often exploit to gain access to networks and information assets. Our Penetration Testing service delivers an executive-level document that identifies critical security vulnerabilities and a comprehensive report of testing results and recommended action plans.


05/12/2011

Network Assessment | Consultancy Services | Services

Our Network Assessment Service assesses problems with a network performance and after thorough investigation provides suggested recommendations of ways of improving this problem performance. Operations not meeting performance expectation speeds (e.g. file transfers) can, in turn prevent other projects from progressing. Users expect a predictable response and if a network is slow or unresponsive this bodes badly for the rest of the organisation.


05/12/2011

Strategic Security Planning | Consultancy Services | Services

We provide strategic assistance in the form of value added workshops at the planning stage of any project in order to design the best solution and tease out any potential issues with any deployment. After gathering this information you will be able to make an informed decision on the type of solution that would most benefit your organisation, both in the long and short term.


05/12/2011

ISO 27001 Compliance | Consultancy Services | Services

Integrity Solutions provides an ISO 27001 Compliance Service guiding clients through establishing, implementing, maintaining and improving an Information Security Management System in accordance with this quality standard. Businesses need to ensure that their information policies meet regulatory needs and are flexible enough to deliver benefit to business.