PAYMENT CARD INDUSTRY DATA SECURITY STANDARD PCI DSS
Meet Compliance Mandate and Protect Cardholder Data
Every year there are billions of credit card transactions representing trillions of dollars in value. PCI DSS is the global data security standard that applies to organizations that store, process or transmit payment card data. Major credit card vendors formed the Payment Card Industry Security Standards Council (PCI SSC) which is responsible for managing and updating the PCI standard. PCI requires merchants to safeguard payment card data by maintaining prescribed practices and policies, including network security, password management, encryption, vulnerability management, endpoint protection, and security monitoring.
Partnering with a Managed Security Service Provider (MSSPs) addresses some of the key PCI requirements such as:
Proficio provides a range of services that align to the requirements of the PCI standard. Our Managed Firewall Service ensures the configuration of next-generation firewalls maximize perimeter security and restrict direct public access between the internet and any system component in the cardholder data environment. Proficio’s Active Defense automates blocking traffic to and from known malicious IP addresses. PCI also requires that organizations protect all systems against malware and regularly update anti-virus software. Proficio monitors endpoint security software and provides Managed Endpoint Detection and Response Services to further reduce the risk. Identifying vulnerabilities and applying patches based on risk ranking is another PCI mandate. Proficio provides a risk-based vulnerability management which combines vulnerability scanning, risk scoring, and remediation consulting to protect against the exploitation and compromise of cardholder data by malicious individuals and malicious software. Our managed OSSEC agent fulfills the need to collect Windows log data and monitor file integrity logs.