Contacts
+49-172-6371372
logo

PCI DSS implementation

REQUEST A QUOTE

Practical security standard that applies even outside the industry for which it was created

Payment Card Industry Data Security Standard (PCI DSS) was created in 2004 by the joint efforts of the largest international payment systems: American Express, Visa, MasterCard, JCB and Discover.

The standard has become popular due to its practicality, conciseness, and official status. For example, the Chinese international payment system UnionPay, which initially did not comply with PCI DSS, became a strategic member of the PCI consortium to strengthen its own and international security standards. PCI DSS compliance checks are integrated into many end-to-end security systems and are used for self-assessments even outside the payment card industry.

PCI DSS

The PCI DSS compliance specification describes a set of requirements that companies participating in international payment systems must comply with in order to ensure that the correct measures are taken to protect all data, both internal and external.

H-X will help your organization to develop and implement the necessary security controls and meet the requirements of the standard.

Implementation plan:

1
Scope and documentation development
  • Definition of the PCI DSS scope
  • Providing recommendations for the implementation of information systems in accordance with PCI DSS requirements
  • Development of IT and IS process management policies in accordance with PCI DSS
2
Implementation of information security processes
  • Implementation of IT and information security processes to comply with PCI DSS requirements
  • Risk assessment
  • Development of IT and IS process management procedures
  • Personnel training in PCI DSS requirements
3
PCI DSS periodic technical actions
  • Wi-Fi network scan – quarterly
  • Network segmentation test – twice a year
  • Internal vulnerability scan – quarterly
  • ASV scanning of external vulnerabilities – quarterly
  • Internal PCI DSS compliance review – quarterly
4
Security assessment (penetration test) of information systems within PCI DSS
  • External penetration test – annually
  • Internal penetration test – annually
  • Vulnerability assessment and Wi-Fi attack modeling – annually
More about penetration tests.

Check out our additional services and business cases. Send the form below to request an audit or implementation of PCI DSS, PA DSS, or other PCI SSC standards. Get a free consultation.

REQUEST A QUOTE

Related services

You might also be interested in:
Security compliance audit Security compliance audit Penetration testing Penetration testing Red Team – test your incident response Red Team – test your incident response Security audit of source code Security audit of source code Incident investigation and forensics Incident investigation and forensics Server hardening Server hardening Product, service and DevOps security Product, service and DevOps security Managed compliance Managed compliance Security experts as a service and Virtual CISO Security experts as a service and Virtual CISO Managed threat detection and response Managed threat detection and response Awareness programmes Awareness programmes
#accredited_auditor #certification #compliance_audit #configuration_audit #ISMS #ISO_27001 #local_network_audit #OWASP #PCI_DSS #personnel_audit #security_implementation #security_standards #vulnerability_scan

Business cases of projects we completed

Audit of smart contracts and blockchain
Read
Business Automation
Read
Information security incident response and investigation
Read
Managed security and compliance (ISO 27001, etc.)
Read
Security analysis of software source code
Read
Security assessment: audits and penetration tests
Read
Security Operations Center cases
Read
View all

Contact us

As an option, use this form:




    This website, like any other well developed website, uses cookies.
    Details