PCI Security Standards

You can’t choose the requirements, but you can choose the partner to help you meet them

To stem the rising tide of identify thefts and security breaches, the major credit card companies have collectively created the Payment Card Industry (PCI) Data Security Standard. The PCI standard specifies how merchants and service providers must secure systems and media to ensure confidential cardholder information is not compromised.

In selecting a firm to assist in compliance with the PCI Data Security Standard, it is critical to select a partner that can offer services matched to your organization’s approach. A gap analysis may be required to determine how far your organization deviates from PCI compliance, or you may need the Annual On-Site PCI Data Security Assessment, which includes the official Report on Compliance (ROC). You may require assistance in implementing controls and technologies required for PCI compliance, or may even be looking for a solution that can turn a project-driven approach to PCI into an internal process, aligned with other compliance initiatives. Accuvant’s comprehensive PCI services address these needs and more.

PCI Gap Analysis - Identify PCI gaps and offer solutions to common PCI compliance shortfalls

• Annual On-Site PCI Data Security Assessment - Provide on-site data security assessments for Level 1 Merchants and Level 1 and 2 Service Providers requiring an official Report on Compliance
• Payment Application Security Assessment – Provide an on-site application security assessment to ensure compliance with Visa’s Payment Application Best Practices (PABP). A compliant application is then eligible to be listed as a “Validated Payment Application” on Visa’s website
• Policy/Standards Development and Technology Services - Provide end-to-end remediation solutions, from assisting in process and policy development to integration of security technologies
• Compliance Program Development - Develop integrated compliance programs that map the requirements of PCI to industry-recognized standards and other regulatory compliance requirements
• PCI Quarterly Network Scan – Provide quarterly vulnerability scans and reporting required for compliance

Choosing Accuvant to assist in PCI engagements offers the following benefits:

• Strong credentials – Accuvant is one of only 18 vendors qualified by Visa to perform services as both a QDSC/QSA and a Qualified Payment Application Security Company (QPASC). Accuvant is also an Approved Scanning Vendor (ASV).
• Efficient, tools-based approach – Accuvant utilizes our ControlPath toolset to perform PCI services, to automate the process, reduce cost and enable easy ongoing management of remediation activities.
• Integration with internal processes –Level 1 Merchants can choose to submit their own Report on Compliance, thereby saving the yearly cost of assessment by a third-party. Accuvant can show you how to utilize ControlPath to make this process efficient and manageable.
• Experts in information security - Protecting information assets is Accuvant’s core business. We have assisted over 1000 clients in evaluating and improving their enterprise security posture.

If you would like more information about Accuvant's compliance and PCI solutions, please email info@accuvant.com or contact our sales department at 1-800-574-0896.