Payment Card Industry Compliance
Does your organization accepts, processes, transmit, or store credit card data? If so, your organization is required to comply with the Payment Card Industry Data Security Standard (PCI DSS). There are different levels of documentation required depending on how you process payments and how many payments a year are processed.
At Trout, Ebersole & Groff, LLP, our Information Security professionals can help you with the Self Assessment Questionnaires and arrange for the required network vulnerability scans. We can also provide recommendations to help you reduce the cost of compliance. Our risk assessment services can identify weaknesses in your card processing environment that would make a breach more likely.
Ask yourself the following questions about your organization:
- Are you restricting access to cardholder data on a “need to know” basis?
- Have you segmented your cardholder processing applications to reduce the amount of your network in-scope for PCI DSS compliance?
- Are your servers and workstations being patched promptly to reduce cyberattack vulnerabilities?
- Are you PCI compliant? 96% of breach victim companies were not PCI compliant and less than 4% of companies are fully compliant with PCI DSS.
The Payment Card Industry Data Security Standard contains 6 goals, 12 security requirements, and 245 testing procedures which makes it difficult for business owners to be knowledgeable. At TEG, we provide cost-effective services geared specifically to your organization and processing environment! Contact our Information Security Specialists to learn more and to schedule your complimentary one hour consultation.