What is PCI-DSS?

Payment Card Industry Data Security Standard (PCI DSS) is a security standard required of all companies and organizations that gather, store, process or transmit customers’ payment card data for purchases of services and products.

This standard is multifaceted as it includes 12 requirements for protecting payment cards:

  1. Install and maintain a firewall configuration to protect cardholder data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters
  3. Protect stored cardholder data
  4. Encrypt transmission of cardholder data across open, public networks
  5. Use and regularly update anti-virus software or programs
  6. Develop and maintain secure systems and applications
  7. Restrict access to cardholder data by business need to know
  8. Assign a unique ID to each person with computer access
  9. Restrict physical access to cardholder data
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes
  12. Maintain a policy that addresses information security for all personnel

Companies must adhere to this standard in an effort to prevent unauthorized use of data, negligent data storage methods, and cyber threats in their payment account data management systems. Companies that do not meet the PCI DSS requirements could incur fines and increased transaction costs in addition to the reputational risk of a breach of payment card data.

How we can help

Our team of Qualified Security Assessors (QSAs), certified by the PCI Security Standards Council, will determine if your data storage and security management systems meet PCI DSS standards. We will evaluate your organizational policies, system management, software designs and network architecture to ensure that there are effective security measures in place to protect cardholder data. We will determine if your company qualifies for certain Self-Assessment Questionnaires (SAQs), or if you may need to have a quarterly vulnerability scan.

What's included?

PCI data security standard assessment services

Assesses an organization’s security against PCI DSS controls and suggests gap remediation strategies.

PCI data security standard remediation services

Provides feedback on remediation actions targeted to close identified compliance gaps.

PCI report on compliance (ROC)

Provides an independent validation of PCI DSS compliance and a ROC that can be submitted to an acquirer or one of the card associations (VISA, MasterCard, American Express, Discover, JCB).

PCI report on compliance (SAQ)

Provides SAQ assistance, featuring a wide range of reporting options.

PCI-compliant external network security scanning

Fulfills the DSS vulnerability scanning requirement and requires a QSA and ASV.

PCI-compliant penetration testing

Determines if possible vulnerabilities in Internet-facing applications and systems jeopardize cardholder data security.

Why is AWA your right choice?

  • As one of the few QSA firms, we offer unparalleled experience across the PCI compliance regime.
  • AWA efficiently delivers PCI services that minimize disruption, miscommunication and the risk of schedule delays and budget overruns.
  • As a leader in security compliance, AWA leverages existing audits (e.g. SOC1, SOC2, SOC3, HITRUST CSF, NIST, etc.) to provide cost savings.
  • Customers receive a tailored compliance solution built on a comprehensive portfolio of compliance services.
  • AWA provides not only security experts but also CPAs and business risk experts, ensuring our services optimize the return on your compliance investment by providing outcomes that support broader corporate security and risk management goals.

Start the PCI-DSS process by contacting trusted QSAs and requesting a quote from AWA today.



I.S. Partners
