PCI

Payment Card Industry Data Security Standard (PCI-DSS) – Credit Card companies created the Payment Card Industry Council (PCI) in order to ensure that merchants were protecting their cardholders’ credit card data.  If you have been involved with PCI Compliance, you know that it can be overwhelming to successfully navigate the requirements and achieve compliance.   With over 210 PCI requirements alone, it’s hard to know where to start. Through our experience assisting retailers large and small, we have developed managed service offerings to customers that satisfy compliance requirements, improve security, and free up internal IT staff to work on strategic initiatives.  Don’t tackle the hundreds of requirements your self – let us handle most of them and allow you to focus on your business-specific requirements.

Implementation Process:

1. We start with the endpoints by deploying our security software to all endpoint devices deemed in-scope for compliance.  We tackle several requirements by deploying anti-virus, firewall, host-intrusion detection software, Operating System patches and external vulnerability scanning while ensuring all devices have recurring updates and scans. 
2. Segmentation is a key component to limiting scope for PCI compliance.  Our Managed Network service starts with the analysis of your PCI environment resulting in a new design that limits scope of the cardholder data environment (CDE) through network segmentation. After everything, the end result is a controlled PCI network segment that is constantly monitored for internal and external threats.
3. Our Advanced service offering which is powered by the AlienVault platform covers the remaining PCI requirements. Through our other assessments and monitoring we are able to reduce your overall cost of compliance. Compliance reporting of all events is provided to you with the required information that you need to prove compliance.