PCI Consultancy: achieve and maintain
Scope DefinitionOur PCI Consultancy will help you decisively determine which systems within your organisation's infrastructure are in scope as far as PCI DSS 3 is concerned. The latest revision crystalises the fact that a simple vulnerability scan on a few credit/debit card data-holding systems is not enough. Our clients are given a full understanding of the requirements and why a particular system should be considered in scope and what is required to address any deficiencies.
SegmentationNetwork segmentation in order to protect systems containing payment card data is a specific item to be tested in PCI DSS 3. Penetration tests will be required that test the effectiveness of any network segmentation and any deficiencies require remidiation in order to achieve compliance. We assist our clients in planning and deploying effective network segmentation solutions, often requiring no additional investment.
PCI DSS ResponsibilityMany standards-compliant merchants rely on service providers to have the same level of diligence and inward scrutiny. This unwritten trust can cause problems after a breach as one party claims to have assumed the other was responsible for various things. PCI DSS specifically addresses this in that responsibilities have to be formally documented. Our PCI Consultancy will help you ensure you take on precisely what you need to and that your organisation's service providers are aware of their role.
© 2015 Vis Viva. All Rights Reserved. Registered in England 07649694 | VAT GB113381350 | All images and logos are copyright their respective owners