PCI compliance

by Mark Rowe

A security and compliance company reports that it has achieved global Approved Scanning Vendor status from the Payment Card Industry (PCI) Security Standards Council for a sixth year.

The Payment Card Industry Security Standards Council was formed by Visa, Mastercard, American Express, JCB and Discover Financial Services to devise international security guidelines for any company that processes, stores, or transmits customers’ payment card details.

The PCI Security Standards Council mandates that all merchants with a presence on the internet must conduct regular security audits of their payment infrastructure to test that they protect customers’ payment card details from being intercepted by hackers and thieves. Businesses that fail to comply risk losing their ability to process online payments, or incurring financial penalties if they are proven to be responsible for a data leak.

External scans of merchants’ networks must be carried out on a quarterly basis by Approved Scanning Vendors (ASVs) that are vetted by the PCI Security Standards Council.

Commenting on RandomStorm’s renewed ASV certification, Andrew Mason, co-founder and Technical Director of RandomStorm, said, “Several high-profile hacks have highlighted the dangers to payment card data stored on merchants’ systems. While breaches suffered by the largest merchants tend to hit the headlines, retailers and online businesses of all sizes need to follow best practice and be able to quickly detect network intrusions to protect their customers against card fraud. Owing to the increase in malware, botnets and exploit kits, a company’s security status can change on a daily basis. The best way to achieve ongoing security is through continuous monitoring of network assets, in between scheduled audits.”

The firm provides vulnerability scanning and intrusion detection services to help companies to improve and maintain their security posture on a continuous basis. The company is a CESG CHECK security consultancy and certified as a Qualified Security Assessor (QSA) and ASV by the Payment Card Industry Security Standards Council.


© 2024 Professional Security Magazine. All rights reserved.