Vanguard and igxglobal launch PCI compliance services

Although deadlines set by the major credit card issuers have passed, many retail merchants and service providers are still struggling with how to safeguard credit card information and ensure their own compliance with data security standards established by the industry's PCI Security Standards Council.

  0 Be the first to comment

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Vanguard Managed Solutions (VanguardMS), the nation's largest independent provider of managed network and security services, announces it has teamed with igxglobal, a leader in information security services and a certified QSA (Qualified Security Assessor) and ASV (Approved Scanning Vendor), to provide PCI-Comply, a comprehensive portfolio of services to assist businesses in achieving and maintaining PCI standards compliance.

"The pressure on retailers and service providers to demonstrate full compliance with credit card security standards is mounting," notes Karen Ayotte, Director of Marketing. "Not only are card issuers requiring stronger safeguards for cardholder data and the networks that carry this information, but today's more educated consumers are also demanding their information be better protected."

According to Barry Johnson, Director of Risk Mitigation at igxglobal, PCI compliance is a multi-step process. "The industry's security standards are quite complex, involving issues like updating security patches, ensuring non- default settings and passwords, and protection of resources that transmit, store or process credit card data. Compliance is applicable to a host of network components that includes firewalls, switchers, routers, wireless access points, and other network and security appliances. Few retailers are adequately prepared to address all this on their own."

The PCI-Comply portfolio from VanguardMS and igxglobal includes the following eight services:

  • PCI Gap Analysis: An initial review of systems, security methodologies, processes, to identify compliance gaps and provide preliminary recommendations.
  • PCI Audit and Assessment Services: A comprehensive, annual compliance audit and assessment tailored to a merchants' category/transaction level, from a certified QSA (Qualified Security Assessor).
  • PCI External Vulnerability/Exploitation Assessment: A quarterly network scan to enable merchants and service providers to identify security vulnerabilities in their Internet access points, from a certified ASV (Approved Scanning Vendor).
  • Forensics and Litigation Support Services: A complete solution for investigating and documenting cyber crimes, providing evidence and critical data analysis that can be used in legal proceedings.
  • Change Management and Compliance Reporting Services: A comprehensive network security package that helps ensure a secure network; stringent access control measures; routine monitoring and testing of network-wide components; ongoing maintenance of an established information security policy; and the ability to accurately track and report on numerous required compliance standards.
  • SecureGuard Monitor & Alert/Incident Response: An important service that allows merchants to monitor, report, audit and alert on access to all system components that process, store or transmit cardholder information.
  • Remote Access: The distribution, setup and on-going maintenance of keys used for remote worker access including revocation of old or invalid keys, such as RSA keys.
  • Radius Authentication Service: A service that tracks access to management systems with critical client information, and ensures that data available on a networking device, including routers and firewalls, is accessible in an authorized manner only.


The PCI-Comply portfolio of services is available now from VanguardMS and igxglobal. The PCI Gap Analysis, Audit/Assessment, Vulnerability/Exploitation Assessment and Forensics/Litigation Services are priced on a per project basis, depending upon the scope of work. The Change Management, SecureGuard Monitor & Alert/Incident Response and Remote Access services are priced as a recurring monthly fee.

Sponsored [Webinar] Practical AI in Payments: Moving Beyond Buzzwords to Bottom-Line Impact

Comments: (0)

[On-Demand Webinar] Money Mule Defence: Practical Applications and the Role of TechnologyFinextra Promoted[On-Demand Webinar] Money Mule Defence: Practical Applications and the Role of Technology