If you receive any number of credit card payments from cards such as Visa, MasterCard, American Express, or Discover, you are bound by the Payment Card Industry (PCI)
Data Security Standard (DSS) rules. Lovrin Technologies makes it easy and affordable to be in compliance with PCI. Our security monitoring service is fully certified to assess PCI
compliance and automatically points out specific issues with straighforward resolutions.
It can take companies hundreds of hours to perform their own compliance validation on the over 180 individual PCI requirements among six categories:
- Build and Maintain a Secure Network
- Protect Cardholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Network
- Maintain an Information Security Policy
Lovrin Technologies can substantially reduce the time typically needed for compliance efforts, so your staff remains focused on day-to-day business activities.
The official PCI security questionnaire is required to be completed by every company and can be daunting for those without information security expertise. We help you determine accurate answers to such questions as:
- "Are egress and ingress filters installed on all border routers to prevent impersonation with spoofed IP addresses?"
- "If wireless technology is used, are vendor default settings changed (i.e. WEP keys, SSID, passwords, SNMP community strings, disabling SSID broadcasts)?"
- "Are controls implemented on the server side to prevent SQL injection and other bypassing of client-side input controls?"
Guessing at those questions is not advisable. These issues can significantly impact the operational reliability of your business and result in severe penalties:
- higher transaction fees
- loss of card processing capabilities
- fines of up to $500,000 for each issue of non-compliance
According to PCI rules, every business processing credit cards must check for and remedy PCI-specified security vulnerabilities at least every 90 days. Well-managed businesses opt to perform
these tests more often to further reduce their liability. PCI vulnerability scanning is included in our Computer Security Monitoring service, giving you automatic and continuous monitoring of PCI compliance.
|
<< Back to Compliance Overview
|
