Certification of merchants & service providers to meet PCI Standards
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment. Even if your environment does not need to comply with PCI DSS, it is a great security standard to align your business with. It forms an industry best practice for any organisation with sensitive data.
Vectra specialises in all aspects of PCI compliance including assessments, penetration testing and requirement validation for all types of businesses. We launched our payment card related security compliance services in 2004 through programs with Visa and MasterCard. We then became the first Australian company to be certified as a QSA Company (QSAC) by the PCI Security Standards Council when it was formed in 2006. Since that time we’ve assisted thousands of organisations of all sizes in sectors including retail, financial services, insurance, transport, banking, credit unions, building societies, utilities, gaming and third party hosting and service providers.
What is PCI Compliance?
Every organisation that stores, processes or handles payment card data is required to be Payment Card Industry Data Security Standard compliant. This standard was designed to increase cardholder data protection to dramatically reduce credit card fraud.
How does a business become compliant?
Compliance reporting for small merchants can be as simple as completing a Self-Assessment Questionnaire (SAQ) while for larger merchants and third party service providers, annual assessments must be conducted by a QSA Company. If you have internet facing IP addresses you must conduct network vulnerability scanning utilising an Approved Scanning Vendor (ASV) certified by the PCI Security Standards Council.
How often does compliance need to be validated?
To meet merchant agreements and avoid penalties, acquiring banks will seek PCI DSS compliance reporting on an annual basis and in some cases, on a quarterly basis.
Why choose Vectra Corporation?
Vectra was the first Australian company to be certified as a Qualified Security Assessment Company (QSAC) by the PCI Security Standards Council when it was formed in 2006. Since that time we’ve assisted thousands of organisations of all sizes in sectors including retail, financial services, insurance, transport, banking, credit unions, building societies, utilities, gaming and third party hosting and service providers. We have a number of Qualified Security Assessors both in house and working remotely who can help you to meet all requirements of the standard from start to finish.
Vectra PCI DSS Compliance and PCI Audit Services:
- Gap Assessments
PCI gap assessments assist payment card industry merchants to prepare for PCI DSS compliance assessments by identifying, analysing and documenting any areas of non-compliance with the Payment Card Industry Security Standard. On completion of the gap assessment, the merchant will have the opportunity to remediate the issues and they should then be ready to obtain a PCI DSS compliance assessment.
- SAQ Completion
- Network (ASV) Vulnerability Scanning
- Card Holder Data Discovery
- External and Internal Penetration Testing
- External and Internal Vulnerability Assessments
- Pre / post Assessment Guidance
- DIY / Internal Assessment Validation
- Third Party Assessment Validation
- Annual PCI DSS Assessments
- Remediation Solutions
- Managed Service (see our GRC Management)