The Payment Card Industry (PCI) Data Security Standard is a mandatory security standard for all businesses that handle transactions using major branded credit cards, including Visa, MasterCard, American Express, Discover, and JCB. It’s designed to help businesses protect customers’ payment card information. We can help make sure that your business is in compliance with PCI standards using the Sage PCI Compliance Assessment.
Our methodology has two phases. In Phase I, we identify and inventory the computers, devices, and lines (the “target systems”) that process, store, and/or transmit cardholder information. We then diagram and describe each transaction type to determine the scope of Phase II.
In Phase II, we assess the security posture of your target systems and supporting infrastructure against the requirements of the standard to identify gaps in compliance. Our assessment is based on the current PCI Data Security Standard 3.2, which focuses on twelve distinct categories, all of which we address in detail. Once any required remediation steps have been taken, we may assist with the completion of the necessary SAQ questionnaire.
After we identify and inventory your target systems in Part I, we will provide:
Once our Part II assessment is complete, we will provide:
Our compliance report becomes the basis for the PCI Data Security Standard Self-Assessment Questionnaire, a validation tool that addresses the twelve compliance categories and their associated controls. We will incorporate our findings from Part II into the Self-Assessment Questionnaire as a means to obtaining PCI compliance certification once any necessary remediation steps are completed.
There is no single, straight path that will get you to the point where you can say, “We did it! We’re 100% cyber-secure.”
A more realistic destination is cyber resiliency – the ability to prepare for and adapt to changing conditions, so you can withstand and recover rapidly from disruptions. Achieving cyber resilience depends on what we like to call the cybersecurity lifecycle – an ongoing cycle of interconnected elements that compliment and reinforce one another.
Are you struggling to find the time to effectively monitor your network for potential threats? Let nDiscovery do the detective work for you! We translate generic threat data into specific actionable intelligence – cutting through the noise so you can focus on what is truly important.