If your organization handles any type of credit card or payment data, you must maintain compliance with the Payment Card Industry Data Security Standard (PCI-DSS). Securit360 has proven experience with the security policies and controls required to become PCI compliant.
We can help your business understand the requirements of PCI. Securit360 can perform audits of your organization, which may be required for assessments and questionnaires. We can also provide services to assist with process strategy, planning and implementation.
The following is a quick overview of basic PCI controls:
- Manage and maintain a secure network according to industry standards
  - Install and maintain a firewall configuration to protect cardholder data, and remove all vendor default access settings
- Information Security Policies
  - Maintain policies that address information security for everyone in your organization
- Implement and maintain a vulnerability management program
  - Maintain a regularly updated anti-virus software suite
- Regularly scheduled network testing and monitoring
  - Track and monitor all access to networks and perform regular vulnerability and penetration testing
- Access Control
  - Restrict both physical and virtual access to card data
- Ensure protection of card data
  - Ensure industry standard encryption is used for data storage and transmission