Security Assessment Services Brief

PCI Compliance Services
SCIGON Exclusives
TARGETED SOLUTIONS
SCIGON Solutions tailors its PCI
Compliance solutions around
your specific environment and
goals. Whether you just need
guidance on PCI obligations and
a compliance report or a more
comprehensive assessment and
remediation actions, we can fit
the solution to your needs.
PROVEN APPROACHES
We give you a complete picture
of your company’s compliance
with PCI requirements through
an effective combination of
assessments, reports and expert
guidance. SCIGON leverages
proven methodologies and
tools, paired with our expertise
and a comprehensive approach
to PCI compliance assessments
to ensure a complete picture of
your PCI posture.
EFFECTIVE REMEDIATION
We offer risk remediation as an integral component of processes centered on ensuring not only awareness of PCI compliance gaps, but also access to experts who can address problems. Equipping client teams with these tools ensures continuous compliance. SCIGON can work hand-in-hand with your internal teams to identify gaps and close them in a cost-effective, efficient manner.

All organizations that process, transmit or store credit card data must implement measures to comply with the Payment Card Industry Data Security Standard (PCI-DSS). SCIGON Solutions offers a wide range of PCI-focused services that help your company achieve its compliance goals and build a sustainable program regardless of where you are in the compliance cycle.

SCIGON Solutions offers a comprehensive set of Payment Card Industry (PCI) Service Offerings to meet our client’s unique needs. For example, PCI compliance training offers stakeholders a high-level understanding of your company’s PCI obligations. Our Pre-Assessment Service gives you a snapshot of data processing environments and business practices with suspected areas of non-compliance and remediation strategies.

SCIGON’s Gap Assessment uses interviews with staff members, policy reviews, PCI control testing, and assessment of data card systems to provide an executive summary, PCI and cardholder data environment details, and actionable next-steps to advance your company’s compliance posture.

Our Self-Assessment Questionnaire explores details for each required control and process flow, and all other areas associated with card-data processing and associated systems before delivery of an Attestation of Compliance or a Key Controls Assessment Report. Our Compliance Report provides a detailed overview of your PCI compliance posture, including an accurate view of your cardholder data environment, data flow, network environment, compensating controls, and a full systems summary.
© 2014 SCIGON Solutions, Inc.
PCI SOLUTIONS: ENSURE COMPLIANCE
Get Results
CERTIFIED EXPERTS
SCIGON Solutions uses experts
certified by all major card
brands. Our security compliance
professionals ensure alignment
between customers and critical
regulatory requirements.
COMPREHENSIVE COVERAGE
Our assessments focus on all 12
areas of the PCI Data Security
Standard and dive into the
details associated with each
individual control. We combine
remote and on-site interviews
with documentation reviews
and walkthroughs of cardholder
data processing environments,
and examine process flows
and all other areas associated
with card-data processing and
their associated and supporting
systems.
EXPERIENCE
SCIGON Solutions provides
cost-effective recommendations and plans to strengthen
your overall security posture.
Targeted assessments combine
the strengths of services tailored
around your goals with experience-based recommendations
that ensure effective results.
JUDGEMENT
We understand how business goals drive security needs. SCIGON Solutions provides risk-based recommendations through a deep understanding of both business and technical implications of security threats.
Case Study
Industry: Hospitality and Entertainment
Client’s Profile: One of the largest hotel chains globally with more than 4,000 hotels and resorts in 90+ countries.
The Challenge
The customer was facing several regulatory requirements involving important changes in its internal processes and technology. One of these requirements was from the Payment Card Industry (PCI). The implications of such requirements, as well as the required efforts to move forward to a compliance process, were unclear from an information security perspective.
The PCI Data Security Standard (DSS) is a set of specific security requirements for all companies that process, transmit or store payment card information. This security standard is intended to help organizations protect customer account data and reflects most best practices for securing sensitive information.
The Solution
Since the customer lacked a clear understanding of PCI requirements implications, and given that its compliance project was in its initial stage, our approach for this mandate centered on performing a PCI DSS Data Discovery and a PCI Gap Assessment in relation to PCI DSS requirements.
For the PCI DSS Data Discovery
• We started by performing a business processes analysis in order to identify payment options as well as cardholder information to be protected
• We analyzed and documented business functions that accept credit card payments, including those involved in storing, processing or transmitting payment card data
• We identified and documented the technologies used to store and process credit card data
• We identified and documented the IT infrastructure that processes and transmits credit card data
• We provided a detailed data flow report with credit card holder data register
For the PCI Gap Assessment
• We evaluated the customer’s current security controls, in comparison with specific requirements established in the PCI DSS
• During this evaluation, we considered human, technical and administrative aspects
• We performed a comprehensive revision of all information security documentation available
• Our network design team contributed to a technical review of critical IT infrastructure elements, with a focus on network architecture
• As a result of this process, we produced a detailed report showing all gaps between existing security controls and PCI DSS requirements
• Finally, we provided the customer with a list of recommendations and a proposed action plan in order to correct identified gaps
About SCIGON Solutions
SCIGON Solutions’ track record in providing information security solutions stems from our combining capabilities in key areas of technology, enterprise services, support and training. Blending experience with these capabilities enables our clients to better manage risk, meet compliance requirements and reduce costs, while maximizing security effectiveness and operational efficiency.
SCIGON Solutions is committed to information security excellence and offers these services to public sector and private organizations across the United States. We number several Fortune 100 companies among our clients, and are an IBM Advanced Business Partner. SCIGON Solutions understands “Mission-Critical” in security.
Contact us for Details on Security Services
SECURITY SERVICES
Security Assessment
Security & Network Integration
Governance Risk & Compliance
Enterprise Architecture
PCI Compliance
420 Lake Cook Rd
Suite 104
Deerfield, IL 60015
877.554.5678 ph
847.739.3139 fax
www.scigonsolutions.com