Payment Card Industry Data Security Standard (PCI DSS)
If your organisation is involved in payment card processing, then you need to know about the Payment Card Industry Data Security Standard (PCI DSS). UXC Saltbush has just the people to make sure your organisation is well placed to achieve compliance and minimise risk.
PCI DSS is an international standard developed by the PCI Security Standards Council; the standard details the baseline controls to improve the security of cardholder data and reduce payment card fraud.
If you deal with credit card numbers, you must undertake an annual PCI Compliance Assessment. Depending on the number of transactions processed, this may need to be an onsite assessment conducted by either a Qualified Security Assessor (QSA) or an Internal Security Assessor (ISA). Organisations are also required to have quarterly network scans conducted by an Authorised Scanning Vendor (ASV).
As an approved Quality Security Assessor (QSA) company, Saltbush has helped numerous organisations obtain PCI DSS compliance, including government agencies and commercial organisations.
We offer a range of PCI services to our clients:
- PCI Health Check: As a first step, we will perform a gap analysis against the PCI standard. We’ll uncover the gaps, identify the steps that can be taken to reduce the costs of compliance, and develop a roadmap to get the greatest “bang for your buck”.
- Remediation work: With our range of specialist technical and security consultants, we can help your organisation implement technical infrastructure to improve all compliance areas.
- Policy/general consulting: With extensive experience providing advice to clients with high security requirements in both the commercial and national security sectors, we are well-placed to provide consulting advice in all compliance areas.
- Penetration testing of both network infrastructure and web applications: We have a dedicated team of specialised penetration testers with experience working for major organisations across federal government, the financial sector and critical infrastructure.
- Audits for tier 1 merchants and service providers: As a registered QSA, Saltbush is fully qualified to perform formal audits for level 1 PCI-DSS merchants and service providers.
Help reduce the incidences of payment card fraud and ensure your organisation meets the necessary standards. Contact us to see how Saltbush can help you with our range of PCI services.