Organization of Payment Card Industry publishes the PCI-DSS standard in the field of information security. The requirements of the standard require all organizations that process credit card data or keeping information related to the cards, including defrayals businesses and third party suppliers. complying the standard conditions protecting from fines and claims from the international credit card companies in case of penetration of hostiles to the company systems and data leaking (credit card information).
The standard is a technological standard in subjects of information security and it contains specific instructions requires for implanting in the organization according to following issues:
- Securing network.
- Securing customers information.
- Managing and protecting against vulnerabilities in the systems.
- Execution of strong authentication.
- Audit and fluent performing of information security surveys.
- Configure an information security policy.
Especially according to the amount of processing credit card information that perform by the business. Configuring 4 levels of risk separated, but one thing in common is SAQ self-assessment questionaires and a quarterly vulnerability scanning of the network.
Primesec supplies a large variety of services in purpose to assistance in complying the standard requirement additionally to raising the level of security, to reduce the level of expose of the business assets to vulnerabilities from different threats sources.