For the fifth consecutive year, Japanese credit card processing firm ZERO has chosen Datacraft's Security Health Check service to help manage and limit the risks associated with online payments.
ZERO, which provides financial and banking services for a large cross- section of Japanese online e-commerce sites, has enjoyed aggressive growth in the area of payment solutions. It is using Datacraft's Security Health Check to improve its business and technical risk management - specifically at its core data processing center in Tokyo - where the solution has helped to limit liabilities incurred from security lapses.
Due to very stringent financial regulations and strict security requirements in the US, international credit card agencies were initially reluctant to let ZERO process the card transactions directly. By implementing Datacraft's Security Health Check service, ZERO was not only able to enhance its processes and technology to comply with the strict financial security requirements, it was also able to gain the support of the credit card agencies to successfully grow its business.
Datacraft's Security Health Check service allows organisations to better understand the overall security posture in details by combining measurements for all aspects of security -- people, process and technology. As the result is presented numerically as well as qualitatively, clearly defined security objectives can be set.
"Having used our Security Health Check service for five consecutive years now, it is obvious that ZERO has benefited from the service. As the Security Health Check service is reviewed annually, it not only ensures optimal security, but can also be used as a ROSI tool - return on security investment - to assess how their security spending has helped in reducing business risks," said Megumi Hasegawa, Country Manager of Datacraft Japan.
Datacraft's Security Health Check service enables organisations to plan and manage secure information systems operations effectively. The service can be applied to existing environments as a benchmarking and management tool; or to new environments in order to build and incorporate security standards into the core networks.
The service is designed around a two-stage approach -- policy and technology. Security considerations regarding people and process are the focus of the policy aspect of the framework. The technology aspect focuses specifically on the configurations, patching and access rights management. As the Security Health Check service can be used to define and design the appropriate security measures and policies, companies can also leverage on the service to achieve certifications for a number of Japanese and internationally recognized security standards such as Privacy Mark and ISO27001.