Loading

PCI Compliance-aaS

Challenge

Credit card companies led by Visa, MasterCard, American Express and Discover have been working with online merchants to adopt security standards to protect consumer data, such as card numbers. The result is a system known as the Payment Card Industry Data Security Standard, or PCI. The PCI standard established a list of 12 detailed requirements that large merchants and service providers that handle cardholder data must have met by June 30, 2005. These requirements include strong end-user access controls and activity monitoring and logging, as well as the need to regularly test security systems and processes. Merchants that accept credit card payments now have to prove that their payment systems have the proper security measures to stop fraud and compromised data, or risk substantial fines.

Solution

The earthwave PCI Compliance-aaS is the only regulation-specific service that allows organisations to automatically and easily leverage the powerful capabilities of Managed Security Services to address PCI requirements. Unlike "reporting only" products, this service uses the powerful capabilities of earthwave MSS to automatically identify violations specific to the PCI standard via a closed loop, reportable process. earthwave PCI Compliance-aaS automatically collects information from system components covered under PCI and provides an intelligent layer of analysis, audit and documentation.

The earthwave PCI Compliance-aaS provides a system of reports and real-time checks specifically designed to monitor systems that contain cardholder data, manage vulnerability and access control, monitor networks, and maintain security policies to demonstrate to stakeholders and auditors that the controls over your company's credit card data systems expose little or no risk.

Addressing Every Phase of PCI Management

earthwave helps you make your PCI compliance program more efficient, effective and auditable. earthwave PCI Compliance-aaS is specifically tuned to help organisations automatically perform the following actions:

  • Manage PCI security measures on an ongoing basis
  • Automatically identify PCI compliance violations
  • Prepare for upcoming PCI audits
  • Demonstrate PCI compliance to auditors

The earthwave MSS for PCI is the ultimate protection and efficiency for ongoing management of PCI requirements. This service analyses data from existing infrastructure to immediately identify PCI compliance issues through a combination of technical analysis and business process monitoring. These automated checks are supported by a closed-loop, auditable workflow that ensures all PCI violations are appropriately addressed as they are discovered.

The earthwave PCI Compliance-aaS helps merchants prepare for PCI audits by providing a comprehensive view of PCI compliance status throughout the enterprise. Now, enterprises can easily pinpoint and address non-compliant systems, broken processes and unresolved compliance violations prior to the actual audit. During an audit, the earthwave PCI Compliance-aaS assists organisations in demonstrating PCI-specific controls through a direct mapping of PCI requirements to active rules, scheduled reports, real-time dashboards and automated actions.

earthwave PCI Compliance-aaS Features

This service is designed to provide a comprehensive solution for enterprises concerned about PCI compliance, with features including:

  • Device Management by the only PCI DSS certified MSSP in the region
  • Business and technical dashboards for overall PCI compliance, plus unique dashboards for individual PCI requirements, enabling organisations to continuously evaluate the status of PCI compliance.
  • Over 25 automated business and technical checks directly audit PCI requirements to minimise exhaustive report review.
  • Over 100 business, technical and procedural reports to ensure and demonstrate compliance related tasks.
  • Automated risk-based actions, including priority escalation, case creation and notification.

Learn More