Bridging the Gap Between PCI Compliance and Security
The fact that being PCI DSS (Payment Card Industry Data Security Standards) compliant does not also make your network fully secure is not a new revelation. These standards of compliance were developed by and are enforced by the PCI Data Security Standards Council, which was founded by Discover Financial Services, American Express, JCB International, MasterCard Worldwide and Visa Inc. At their core, PCI DSS requirements serve as a baseline for network security and operational procedures designed to protect card holder data.
The challenge that any business that accepts credit cards as a method of payment are faced with is how to properly manage compliance requirements AND network security on their own. Many IT departments must operate under staffing and budget constraints that leave their areas of responsibilities very broad, making it difficult to allocate the appropriate focus to these areas of extreme importance. Merchants must focus on filling gaps related to staffing, technology and processes in order to effectively protect themselves against today’s cyber-threats. As data breaches are very costly to both the bottom line and brand reputation, Cerdant is very proud to partner with merchants in all verticals to develop solutions that protect them from becoming the next headline.
At Cerdant, we often compare how we approach the relationship between PCI DSS compliance and security to how a person might approach securing their home. If you were concerned that someone was going to circumvent traditional security measures, such as locks, and break into your home, you wouldn’t just place a security camera at the front door, would you? No, you would likely also place cameras at any other main entrance to your home, as well as sensors on your windows. And you may also partner with a company the specializes in home security to ensure you have the proper monitoring in place and experts at your disposal when you need them. With Cerdant’s Retail Security Solutions, you can be confident that you have an expert Managed Security provider at your disposal to provide a PCI compliance and network security solution that is right for your business.
As the PCI DSS Council states in their standards reference guide, PCI DSS compliance is a constant process of assessment, remediation and reporting. The following are just some of the ways we partner with our clients to build a strong layered security approach that reaches beyond the scope of PCI compliance, provides secure infrastructure and eases the compliance related workload.
Comprehensive Managed Firewall Service and Unparalleled Support
We are proud to support SonicWall UTM firewall products in all of our customer environments. This product line offers a full and effective set of advanced security features at a low total cost of ownership, including:
- Content filtering and application control
- Multi-engine sandbox
- Intrusion prevention, anti-spyware, anti-malware
- Encrypted traffic scanning
As Cerdant has exclusively supported SonicWall firewall products since our founding in 2001, you will not find a more experienced group of engineers outside of SonicWall, or a more robust management offering. You can rest assured that you are getting the most out of your technology investment when partnering with Cerdant.
Cerdant Sentry Threat Detection
Log monitoring and management is an essential component of both compliance AND security. Our state-of-the-art threat detection systems scan your logs 24×7 to protect you from viruses, spyware and malicious activity. In conjunction with the system automation, our team of Network Security Analysts works proactively with you to find and resolve issues in the most efficient way possible.
Click here for more information on our Sentry Threat Detection service.
Managed PCI DSS Compliance
We proudly offer varying levels of compliance management that includes the following components:
- Firewall log retention on a rolling annual basis
- Wireless Rogue AP Detection and Reporting
- Network Inventory Detection and Management
- PCI DSS Self-Assessment Portal and Questionnaire
- PCI DSS Self-Assessment Assistance
- PCI DSS Information Security Policy Template
- Quarterly External Vulnerability Scanning
- 100K Breach Protection Insurance
Round the Clock Monitoring
Our 24×7 Network uptime monitoring ensures that outages will be detected and resolved quickly. We will not only send a notification when your internet service or firewall is offline, but we will proactively call a site contact AND work with the ISP on your behalf to restore service. This service alone can save a location/site contact/owner/company significant time and money.
Whether your company manages network security and compliance internally, or partners with a managed security service provider like Cerdant for assistance, it is vital to plan beyond just compliance requirements. Please contact us to discuss how we can help you design and maintain a strong security and PCI DSS Compliance standard for your business!
Cerdant Sales – firstname.lastname@example.org – 877.616.9384