PCI DSS

PCI Compliance

In order to ensure credit card payment security, the Payment Card Industry Security Standards Council (PCI SSC) has defined a set of compliance requirements to safeguard credit card transactions and consumer personal and financial data under the Payment Card Industry Data Security Standard (PCI DSS).

PCI DSS compliance is more than just satisfying a list of guidelines: it is a proven way to protect your data and your customers’ data from outside attacks.

Qualified Security Assessor (QSA)

As a Qualified Security Assessor (QSA), Hitachi Systems Security will help you address all PCI DSS requirements while reducing the complexity and costs associated with them. Hitachi Systems Security will help you conduct analysis, deploy technology based on the assessment of your requirements, and implement policies and procedures to achieve the highest levels of compliance.

Added Value

During a PCI DSS Compliance engagement, Hitachi Systems Security’s certified security consultants review your information systems, policies and procedures, the security controls and systems in place, and your network security architectures, focusing on the alignment of your organization with the controls outlined in the PCI DSS. Upon completion of the service, your organization will have received an assessment of the effectiveness of its organizational security controls regarding PCI data security requirements.

Protect Sensitive Cardholder Data

Reduce and Prevent Risk of Identity Theft

Provide a Baseline of Security in the Cardholder Environment

Protect Reputation and Maintain Positive Brand Image

Hitachi Systems Security’s PCI DSS Compliance Services Include:

PCI Compliance Gap Analysis (Pre-Audit) — A review of compliance scope, security architecture, processes and controls against the full PCI DSS to help your organization understand options for scope reduction, identify gaps, and create a remediation strategy to successfully complete a Self-Assessment Questionnaire (SAQ) or Report on Compliance (ROC).

PCI Self-Assessment Questionnaire (SAQ) — An assisted review and assessment of the applicable PCI DSS SAQ, resulting in a Qualified Security Assessor attested SAQ that can be provided to merchant acquirers and card processors.

PCI Report on Compliance (ROC) — A comprehensive assessment of a company’s payment cardholder data environment, resulting in a documented ROC that provides an independent validation of compliance to be submitted to acquirers and card brands.

PCI Network Vulnerability Testing — Internal and external vulnerability scans, quarterly and after any significant changes are made to the network.

PCI Application and Network Penetration Test — Annual application-layer and network-layer penetration tests on the relevant environment scope as well as after any significant infrastructure upgrades or modifications.

PCI Web Application Vulnerability Assessment — Application vulnerability assessment on public-facing websites collecting, storing or transmitting card data that is performed at least once a year as well as after any significant application upgrades or modifications.

PCI Wireless Assessment — Quarterly testing for the presence of wireless access points within in-scope environments.

PCI Approved Scanning Services — Quarterly vulnerability scanning performed according to the scanning requirements set by the PCI Security Standards Council.

Comprehensive Coverage

Security Event Log Monitoring

Intrusion Detection System

Internal & External Vulnerability Scanning

File Integrity Monitoring

Benefits

  • Lower Risk of Security Breaches

    Through PCI compliance, your organization can follow a proven path for taking effective measures to protect your customers’ payment card data and implement similar controls to protect sensitive company data, intellectual property, and other customer data from attacks.

  • Greater Peace of Mind and Confidence

    When your organization is PCI compliant, your customers will have peace of mind and confidence in your organization, knowing that their data is protected when they make a purchase. PCI compliance can boost customer attraction and retention, while protecting the reputation of your company and brand.

  • Avoid Costly Fines

    By passing a number of PCI compliance tests, your organization significantly reduces its risk of experiencing a breach and the likelihood of receiving a fine, which could be as high as $500,000 per incident.

ArkAngel Console

Simplified Management – One Single View

Our secure ArkAngel risk management portal allows you to manage your PCI DSS compliance profile on a 24/7 basis. With all security policies and procedures, incident response management, vulnerability assessments, security posture reports and security logs in one place, the portal will help you provide clear evidence of compliance with all security controls and simplify your self-assessment processes and PCI audits.
