PCI Compliance

Simple PCI compliance consulting services for businesses of all sizes
If your organization has an online presence, a lack of security services not only opens your business to malicious attack, but also reduces the confidence your customers have in your ability to keep their data safe. And if you accept online credit-card payments, the stakes are exponentially higher. While exposing personally identifiable information is problematic, exposing payment details and credit card information causes a ripple effect that could take years and millions of dollars to rectify and may mean losing your business forever.

Selecting a Qualified Security Assessor

A Qualified Security Assessor (QSA) is a data security firm that is certified by the PCI Security Standards Council to perform on-site security assessments for verification of compliance with the PCI Data Security Standard (PCI DSS). While US IT Services is not a QSA, we can ensure the assessment process goes smoothly by preparing your systems and policies as well as helping you choose a QSA.

We facilitate a successful assessment by:

Companies that have been qualified by the PCI Security Standards Council to validate an entity’s adherence to PCI DSS can be found here.

Your PCI Compliance Checklist

This standard set of security requirements constitutes the PCI DSS, and compliance with these standards is an ongoing process for merchants. The following checklist details the overarching goals and basic measures your organization needs to achieve or maintain compliance.

| Goals | PCI DSS Requirements |
| --- | --- |
| Build and Maintain a Secure Network | 1. Use a firewall; 2. Do not use default parameters |
| Protect Cardholder Data | 3. Protect stored cardholder data; 4. Encrypt transmission of cardholder data |
| Maintain a Vulnerability Management Program | 5. Use antivirus software; 6. Develop secure systems and applications |
| Implement Strong Access Control Measures | 7. Restrict access to cardholder data; 8. Assign a unique ID to each person; 9. Restrict physical access to cardholder data |
| Regularly Monitor and Test Networks | 10. Monitor all access to network and cardholder data; 11. Regularly test security systems and processes |
| Maintain an Information Security Policy | 12. Maintain a security policy |

Contact US IT Services today to review the PCI Compliance Checklist with an audit, and learn how to better secure your clients’ data and your organization’s future.
Are you responsible for achieving compliance with additional data security regulations? Read about our other compliance services, or contact us for more information.