Services
SIEM Service
Managed Firewall Service
PCI Compliance
DDoS Mitigation
Managed Network Services
Intrusion Prevention
Device Encryption
Remote Access VPN
Global Roaming (iPass)
Internet Filtering
Identity Management
Vulnerability Testing

PCI Compliance

Expert PCI compliance and scanning services

If your organisation stores, processes or transmits credit or debit card payments then you will need to comply with the Payment Card Industry (PCI) Data Security Standards (DSS). These new regulations issued by the major credit card companies such as Visa and MasterCard will need to be adhered to if you want to continue taking credit and debit card payments.

PCI Scanning: DSS Compliant Security Scan

Boxing Orange is a PCI Approved Scanning Vendor and can perform the required scans for PCI DSS compliance for all organisations.

As required under Requirement 11 of the Payment Card Industry Data Security Standard (PCI DSS), all companies processing card payments must comply with the following: "Quarterly external vulnerability scans must be performed by a scan vendor qualified by the payment card industry."

Boxing Orange performs these quarterly scans in line with the standards set by the PCI Standards Council. The scans are run over the Internet and help identify vulnerabilities and mis-configurations of web sites, applications, and information technology infrastructures with Internet-facing IP addresses.

PCI Compliance: DSS Pre-Audit Assessment

Boxing Orange security consultants also offer a pre-audit assessment designed to analyse your current compliance status by identifying and prioritising areas requiring remediation. The full audit includes:

  • Initial Review
  • Physical network audit
  • Gap Analysis
  • Compliance Readiness Statement
Use the Boxing Orange PCI Self Assessment to analyse your current status online now.

Get in touch

To find out how Boxing Orange can help you comply with the PCI Data Security Standards call, +44 (0)113 232 2340 to talk to one of our experts.

 

PCI Compliance Resources

Download our PCI compliance whitepaper

Vist the Official PCI Standard Website

 

More PCI Compliance information

The PCI Data Security Standard consists of twelve basic requirements and corresponding sub-requirements and you will need to make sure that your IT systems, applications and databases are PCI compliant to protect card holder information. The table below outlines the key requirements.

PCI Data Security Standard
Build and Maintain a Secure Network 1. Install and maintain a firewall configuration to protect data
2. Do not use vendor-supplied defaults for system passwords and other security parameters Protect Cardholder Data
Protect Cardholder Data 3. Protect stored data
4. Encrypt transmission of cardholder data and sensitive information across public networks
Maintain a Vulnerability Management Program 5. Use and regularly update anti-virus software
6. Develop and maintain secure systems and applications
Implement Strong Access Control Measures 7. Restrict access to data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data
Regularly Monitor and Test Networks 10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes
Maintain an Information Security Policy 12. Maintain a policy that addresses information security

To address the PCI challenges, Boxing Orange has developed two services aimed at helping you become PCI compliant: The PCI DSS Compliant Security Scan, and the PCI DSS Pre-Audit Assessment.

© 2007 Boxing Orange Ltd.
Place your trust in Boxing Orange - info@boxingorange.com   Tel : 0113 232 2330
Site map