PCI DSS Compliance Services
Organizations that handle credit or debit card payments must demonstrate compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) by completing several requirements, including self-assessment questionnaires, quarterly security scans, and on-site audits. PCI DSS defines the requirements for payment card security, specifies the levels of compliance that organisations need to meet and how that compliance will be assured. Sanctions for non-compliance are imposed if these requirements are not met.
If your company is new to PCI and looking for guidance on how to achieve compliance, Illumant's security experts can help.
Typically our clients engage us for the following:
- Determine compliance requirements based on type and volume of credit card transactions
- Assess the organization's current state of PCI compliance
- Recommend improvements and solutions for meeting the requirements
- Implement improvements and solutions, including documentation of policies and procedures
Illumant can be your one-stop provider for PCI DSS compliance and overall improvement of your payment operations. Our team of information security professionals includes certified QSAs available to advise clients on all aspects of PCI compliance. We have developed a reputation for providing reliable and trustworthy information security consulting and are confident we can cost-effectively and efficiently help you achieve your objectives.
Under PCI DSS, organizations must:
- Build and maintain a secure network
- Protect cardholder data
- Maintain a vulnerability management program
- Implement strong access control measures
- Regularly monitor and test networks
- Develop and maintain an information security policy
Illumant offers the following services:
- Advise on cardholder data protection
- Identify the business processes, data flows, storage and systems relevant to cardholder data within the organisation
- Identify non-permitted data and develop a remediation plan
- Assessment of the client's PCI DSS compliance level
- Identify areas of weakness with respect to PCI compliance
- Define the tasks and resource requirements necessary for PCI compliance remediation
- Develop a compliance program
- Annual PCI DSS audit for level 1, 2 and 3 merchants
- Complete the PCI self certification for level 4 vendors
- Internal penetration tests
- Penetration tests against externally facing servers
- Application security vulnerability analysis
PCI DSS compliance is a complex and resource intensive process. It requires a substantial amount of specialized information security expertise. Illumant has the expertise and the experience to assist clients through the process of PCI DSS compliance.
For more information see our white paper:
Illumant_PCI_DSS_White_Paper.pdf




