A PCI Compliance Overview

Posted on the 21 July 2014 by Litcom
  • Category: Information Security Health Check, Information Security Program Development
The major credit card issuers (Visa, MasterCard, Discover and American Express) created PCI (Payment Card Industry) compliance standards to protect personal information and ensure security when transactions are processed utilizing a payment card. PCI provides the guidelines to help merchants protect cardholder data.

All members of the payment card industry (financial institutions, credit card companies and merchants) must comply with these standards if they wish to accept credit cards. Inability to meet compliance standards can result in fines from credit card companies and banks and even the loss of the ability to process credit cards.

Compliance is a continuing process, not a one-time project. It helps avert security breaches and theft of payment card data, not just today, but in the future:

  • As data compromise becomes increasingly sophisticated, it proves ever more difficult for an individual merchant to stay ahead of the threats
  • The PCI Security Standards Council is continuously working to monitor threats and improve the industry’s means of dealing with them, through enhancements to PCI Security Standards and by the training of security professionals

Compliance has indirect benefits as well:

  • Through your efforts to comply with PCI Security Standards, you’ll likely be better prepared to comply with other regulations as they come along, such as HIPAA, SOX (Bill 198/CSA), etc.
  • You will establish a foundation for a corporate security strategy
  • You may identify ways to better the efficiency of your IT infrastructure

If your organization is not compliant:

  • Compromised data negatively affects consumers, merchants, and financial institutions
  • Just one incident can severely damage your organization’s reputation and its ability to conduct business effectively
  • Account data breaches can lead to loss of sales and a depressed share price (for publicly traded organizations)
  • Possible negative consequences also include lawsuits, cancelled accounts, payment card issuer fines and government fines

The Litcom Approach

Litcom’s team of security professionals can provide your organization with the required expertise and knowledge to achieve compliance in a cost-effective manner. We also believe that compliance can be a major opportunity for organizations to manage and reduce information security risk. Our team of expert security consultants will help you achieve and maintain PCI compliance while looking at opportunities to reduce cost and operational risk.

Our services include: 

PCI DSS Self-Assessment Questionnaire 

Our team of certified security consultants will assist your organization in completing the PCI DSS Self-Assessment Questionnaire (SAQ). The PCI Data Security Standard Self-Assessment Questionnaire is a high-level validation tool intended to help merchants and service providers determine their compliance with the Payment Card Industry Data Security Standard (PCI DSS). There are multiple versions of the PCI DSS SAQ to meet the various scenarios and criteria defined by the PCI.

PCI Compliance Gap Analysis, Strategy and Roadmap Definition

Our team of certified security consultants will assist your organization in developing a strategy and roadmap that outlines the detailed plan for achieving PCI compliance. This service includes a comprehensive gap analysis that strictly follows the PCI DSS guidelines. This engagement should be performed prior to an official PCI Audit.

PCI DSS Remediation Services

PCI remediation efforts can be challenging, arduous and costly if not properly planned. We offer a wide range of services to help your organization meet all 12 PCI DSS requirements, and define custom solutions and security controls implementation to address your specific needs. Since there may be more than one way to address a PCI requirement, it is critical to get the right security advice for implementing controls that are effective, meet the PCI audit criteria and are cost-effective.

Contact Litcom today for more information at: [email protected]
