Data Security Analysis and PCI Compliance
Individuals may be identified, in the normal course of business, when obtaining their information. This may also happen via obtaining credit information such as a credit card number. Having this information necessitates the need for Data Security Analysis and PCI Compliance. Personal Account Numbers (PAN’s) and credit card information have the ability to be used for unintended purposes. That is why there is a need to have standards surrounding personal information. There is a framework which regulates merchants and information holders of the necessary practices to stay secure. That framework is the Payment Card Industry (PCI) Data Security Standard (DSS) which is an international compliance regime. We offer this as a managed service or on a one time basis.
What is PCI?
PCI DSS is not, in itself, a law. The major card companies Visa, MasterCard, Discover, AMEX and JCB created the standard. The PCI security standards council manages the standard, however, service providers carry out Data Security Analysis and PCI Compliance. At the discretion of the PCI security standards council, merchants that do not comply will therefore face penalty. They may be subject to fines, card replacement costs, costly forensic audits, brand damage, etc., should a breach event occur. As a result, for a little upfront effort and cost, you can greatly reduce data risk from facing this costly experience.
How do I become compliant?
Perform a vulnerability scan on your computer to determine the exact location of each such non-compliant information. Then you need to address each such instance of non-compliance. Additionally, the scan can detect vulnerabilities as they relate to your network and security which is a critical part of compliance. The vulnerability scan tells us whether or not our customers are compliant with the current PCI DSS. In the past couple of years, compliance has become an issue for all businesses who accept or store any credit card information. Even if you don’t accept credit cards, you might have credit card of PAN information on a computer.
How we can help with Data Security!
Our offer is that we will perform a low level PCI scan on up to 10 selected servers or computers. As a result, the scan will produce a report which identifies any such non-compliance. Non-compliance requires a separate and deeper vulnerability scan. The deeper scan shows the location of the unsecure data so that it can be brought into compliance. We could also assist you in maintaining compliance.
Secure your business data, learn where the vulnerabilities are. Contact 1CS for more information on our data security and PCI compliance services or to arrange a consultation. Looking for something more specific? Try our penetration testing or compromise assessment. As a manager service provider, 1CS offers a selection of managed IT services for your business.