Information Technology and Infomation Security Consultants
Call PCSS @: 720-990-7556
Contact PCSS today to learn more about our PCI Security services 720-990-7556.
The Payment Card Industry Data Security Standard (PCI-DSS) sets specific security controls that all merchants accepting credit cards must meet. The level of required controls vary based upon the type of credit processing and the number of transactions being processed. PCSS can help your organization reach PCI-DSS compliance with the following services:
- Provide assistance completing the annual Self-Assessment Questionnaire (SAQ) which is designed to assist merchants with compliance self-evaluation.
- Review infrastructure design and recommend changes that limit the impact and cost of implementing the required security controls.
- Perform a gap analysis between the PCI-DSS requirements and your implementation and help develop plans to come into compliance.
There are twelve categories and 62 high-level PCI-DSS controls which are summarized here.
- (4 controls) Install and maintain a firewall configuration to protect cardholder data.
- (4 controls) Do not use vendor-supplied defaults for system passwords and other security parameters.
- (6 controls) Protect stored cardholder data.
- (2 controls) Encrypt transmission of cardholder data across open, public networks.
- (2 controls) Use and regularly update antivirus software.
- (6 controls) Develop and maintain secure systems and applications.
- (2 controls) Restrict access to cardholder data by business need-to-know.
- (5 controls) Assign a unique ID to each person with computer access.
- (10 controls) Restrict physical access to cardholder data.
- (7 controls) Track and monitor all access to network resources and cardholder data.
- (5 controls) Regularly test security systems and processes.
- (9 controls) Maintain a policy that addresses information security.
Let PCSS help you address these and reach compliance.