PCI audit made easy


PCI DSS made easy

People all around the world are buying online, and privacy and credit card security are of the utmost importance to the global customer base. There is currently a standard, abbreviated as PCI DSS, that ensures best practices in the difficult job of keeping user information secure.

We have helped our clients consistently pass PCI DSS audits quickly and with fewer questions from security companies, and we intend to expand our services.

How do we consistently accomplish this?

  1. We keep and update the documentation necessary for a PCI DSS audit, including the following:
    • Software Development & QA lifecycle
    • Firewall Configuration
    • Comprehensive Network Diagrams
    • Security Policies
    • Change Control Protocols for Internal Systems and Development
  2. We rigorously adhere to coding standards and maintain code review documentation.
  3. We manage potential vulnerabilities, including:
    • OpenVAS: conducting regular internal vulnerability scans
    • Keeping track of all vulnerabilities and their applicability to our systems
  4. We maintain the most current set of security tools, which is installed on each server:
    • File Integrity Management
    • Intrusion Detection Systems
    • Antivirus software
  5. We regularly update the operating system and packages, ensuring the best balance between security and site operations.
  6. Finally, every piece of information is documented and stored in a central logging system (Splunk Enterprise edition), enabling us to analyse and set alerts on suspicious events.