The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide information security standard created to help organizations that process card payments prevent credit card fraud by increasing data controls and limiting the possibility that data will be compromised. Regardless of the size of a business, compliance to these PCI standards must be assessed annually. Organizations handling large volumes of transactions must have their compliance assessed by an independent assessor known as a Qualified Security Assessor (QSA), while companies handling smaller volumes may have the option of self-certification via a Self-Assessment Questionnaire (SAQ).
WTE Solutions works closely with two PCI certification companies to offer merchants compliance validation services: Trustwave and ScanAlert.
Trustwave's compliance validation service includes all the tools required for validating compliance with the PCI DSS and other information assurance regulations and standards. For merchants, the responsibility to secure your customers' data starts at your headquarter's location and extends to the store level. Trustwave recognizes this challenge and can help your organization validate PCI DSS compliance with TrustKeeper®, a one-stop-shop for compliance and certification.
Compliance Validation Services (CVS)
- Level 1 Merchant - For Level 1 merchants, Trustwave's compliance validation solution (CVS) is comprehensive in scope from document collection and analysis to vulnerability scanning and penetration testing to the final production of the Report on Compliance (ROC). The PCI DSS validation for Level 1 Merchants includes an on-site evaluation as required by the PCI DSS.
- Level 2 and Level 3 Merchants - For Level 2 and Level 3 merchants, PCI DSS validation includes a Self-Assessment Questionnaire and vulnerability scanning through TrustKeeper. In addition, Trustwave assigns a security consultant to work with a client's internal team after the initial questionnaire and scan are completed.
- Level 4 Merchants - For Level 4 merchants, Trustwave's TrustKeeper offers the Self-Assessment Questionnaire, vulnerability scanning, if necessary, and remediation services. Sponsored programs have access to Trustwave's Security Policy Advisor, online education and help references and Security Awareness Training. These services are offered through Trustwave's on-demand TrustKeeper® compliance portal, which is the leading compliance tool in the payment industry.
Thousands of organizations around the world–from government agencies and online retailers, to nonprofits and manufacturers–trust McAfee to audit their initial and ongoing PCI compliance status. This full-service PCI certification program is a simplified, easy-to-use system for Level 2-4 merchants that need to successfully and confidently complete the steps necessary for PCI certification. It includes automated state-of-the-art scanning, an online self-assessment questionnaire, and extensive technical support, such as vulnerability remediation assistance, to help manage compliance activities, and the ability to send compliance reports directly to your bank. The program also provides step-by-step guidance, real time analysis of your compliance status and alerts when requirements are due. Technical support is available from a staff of certified security professionals.