The importance of PCI Compliance

Before the PCI DSS was established, the various card brands set up their own security programmes to protect cardholder data and guard against identity theft, in response to ongoing data compromises occurring at numerous levels.

In 2006, the five major card brands (Visa, MasterCard, American Express, Discover Card and JCB) decided to unify their policies and procedures under one universal standard, called the Payment Card Industry Data Security Standard (PCI DSS). The PCI Security Standards Council governs the payment industry and ensures that all entities accepting, storing or transmitting credit card data adhere to the PCI DSS. The aim is to reduce the number of security breaches and protect the card brands.

PCI DSS can help organisations to:

  • protect valuable customer information including payment card details
  • protect against the loss of valuable business information and the cost associated with data compromise
  • protect against the negative publicity associated with a data breach
  • ensure continued customer confidence in the use of payment cards

How does an organisation attain PCI compliance?

An organisation can attain PCI compliance by conforming to the 12 security requirements set out within the PCI DSS. Depending on its merchant level, an organisation that accepts, stores or transmits card data can become PCI DSS compliant either by submitting a validated Self-Assessment Questionnaire (SAQ) or by undergoing an onsite assessment with a Qualified Security Assessor (QSA).

The merchant level depends on the volume of transactions that the organisation handles per annum. An organisation that handles 6 million transactions or more must have an onsite assessment carried out each year by a QSA, as well as quarterly network scans.

However, an organisation that handles 20,000 to 6 million transactions per year can fill out an SAQ but must also undergo quarterly scans of its external network in order to conform to PCI compliance. Organisations handling fewer than 20,000 transactions per year must also undergo quarterly scans of their network and complete an SAQ.

If an organisation that handles card data from one of the PCI Security Standards Council member brands falls victim to a security breach, it can incur a significant fine and be banned from handling future credit card payments for any of the five major card brands.

For further information on our PCI compliance services, please contact one of our Sales representatives by calling +353 (0)1 495 1300 or by completing our Online Enquiry Form or Request a Call Back Form.
