The Payment Card Industry Data Security Standard (PCI-DSS) Program is a required set of security standards that were created by the PCI Security Standards Council to offer merchants and service providers a complete, unified way of safeguarding credit card account data.

The PCI Data Security Standard requirements apply to all entities that store, process, and/or transmit cardholder data. Version 4.0 of PCI DSS is the first major update to the security standard since 2018.

The requirements apply to all methods of credit card processing, from manual to computerized. The most comprehensive and demanding of them apply to e-commerce websites and to retail POS systems that process credit cards over the Internet.

ISGRM Group, with its foundation of providing comprehensive information security validation and regulated security program compliance services to our clients, offers PCI-DSS compliance services, both in addition to our standard offerings and as a standalone service. The PCI requirements continue to gain the attention of many organizations, yet confusion abounds about what to do, or even whether they have to do anything about PCI.

Our approach is in line with the 12-step PCI compliance measures in order to:

  • Build and Maintain a Secure Network

    1-By constructing and maintaining a comprehensive firewall to protect cardholder information

    2-By eliminating lax third-party vendor security criteria, including passwords

  • Protect Cardholder Data

    3-By keeping stored customer information private

    4-By encrypting transmission of cardholder data across open, public networks

  • Maintain a Vulnerability Management Program

    5-By implementing anti-virus software controls

    6-By developing secure systems and applications

  • Implement Strong Access Control Measures

    7-By restricting access to cardholder information to a “need-to-know” basis via the eCommerce solution

    8-By designating a unique online ID for each person accessing the site from a computer

    9-By restricting access to physical payment card data

  • Regularly Monitor and Test Networks

    10-By constantly tracking and investigating access to cardholder data and network resources

    11-By testing security protocols and protection processes

  • Maintain an Information Security Policy

    12-By maintaining an industry-standard awareness level commensurate with eCommerce security procedures

Benefits of PCI

• Reduce risk of breach and associated costs
• Fines
• Replacement cards
• Cost of fraud
• Reduce risk of reputational loss
• Loss of ability to process
• Loss of ability to accept payment cards
• Improve negotiation position with processors

We offer the following PCI compliance Services:

• PCI DSS Gap Analysis / Readiness Assessment
• PCI DSS Remediation Support
• PCI DSS Assessment
• PCI Training
• PCI DSS Report on Compliance (ROC)
• QSA Consulting Services
• Network Testing
    • External Vulnerability Scan by ASV approved S/W
    • Penetration Testing by ASV
    • Internal Vulnerability Scans

For further information on our PCI Compliance Management Program, please contact one of our sales representatives by calling +1 (727) 537-9273 or by completing our Online Inquiry Form.
