PCI Compliance


 

PCI Compliance - The ever-evolving need to conform.

What is PCI Compliance? (Are you sure you want to know?)

Secure Network - Maintenance of your firewall to protect consumer data 
Data Protection - Protect and Encrypt cardholder data transmissions
Risk Management - Maintain secure systems by targeting vulnerabilities
Access Control - Restrict access to cardholder data on a need-to-know basis
Monitoring - Regularly monitor network and track access to resources
Maintenance - Maintain a policy that addresses security

 

 

This sounds complicated, and it can be. However, if your business needs to be PCI Compliant, it is critical that you conform, and there are external companies that 'probe' your systems to make sure you do comply.

 
The technicalities of PCI Compliance

There are many levels to compliance, and our role in your IT environment is critical. Over the years, methods of communicating across the internet that were 'perceived' as safe and secure (encrypted) have systematically been proven to be 'insecure'. If your business still communicates using these methods (ciphers), you are at risk and you won't comply.

You may have heard some of the following terminology: SSL2, SSL3, TLS1.0, TLS1.2 and others. These protocols are the way computers talk to each other in secret (encryption); however, over the years the older, once-secure versions have proven to be unsafe and can no longer be used for this purpose.

Your computer network can be subject to things such as 'man-in-the-middle' attacks, Sweet32 vulnerabilities and many more, so knowing where to turn the insecure protocols off and employ different techniques is important. Do you have a dedicated firewall device that can filter and protect against these attacks? If not, this may be the easiest way to get yourself on track to becoming PCI Compliant!

Antivirus, anti-malware, encrypted storage and syslogs all play a part in PCI Compliance.

WHAT CAN WE DO TO HELP?

We can provide a suite of tools and hardware that will contribute to your PCI Compliance status. Even if you do not need to be PCI Compliant, a robust, quality antivirus, anti-malware and firewall device is the minimum you should consider, just to make your network safe from intruders and people who wish to steal your data and hold you to ransom!


You can call us for a free of charge consultation and one-on-one meeting to establish where you are currently at and where you need, or want, to get to.
