New PCI SSC Scoping & Segmentation Guidance: what does it mean?
Blog, Fact Sheets, Uncategorized, Whitepapers

By Natasja Bolton, Senior Acquirer Support QSA

Since the earliest iterations of the PCI DSS, the standard has included the requirement for scoping and has referenced network segmentation as a method of reducing the scope, cost and difficulty of a PCI DSS assessment. For just as long, organisations, QSAs and ISAs have been seeking further guidance […]

Data breach: Prepare your Business
Blog, Fact Sheets, Uncategorized, Whitepapers

The PCI DSS v3.2 Self-Assessment Questionnaires require that all merchants have an Incident Response Plan, regardless of their size, volume of transactions or the extent to which they have outsourced the handling of payment card data. This is to make sure they can respond effectively in the event of a breach that could impact payment […]

Do your clients know their cardholder data environment?
Articles, Blog, Whitepapers

By Jason McWhirr, Information Security Consultant

One of the most important (and underused) first steps for any business or service provider when undertaking PCI DSS is to understand how cardholder data is used within their organisation, its people, departments, and systems. Without first knowing this, it is impossible to know which parts of their organisation […]

Customer engagement - driving compliance through customer engagement
Articles, Blog, Whitepapers

Many factors can impact the effective delivery of a PCI programme for acquirers, processors and ISOs, from how customers are engaging with their PCI programme to which channels and communications are compelling them to take action. Download our Best Practice Guide where we take a look at how an omni-channel approach can improve customer […]

A guide to ecommerce SAQs
Articles, Blog, Client Resources, Whitepapers

By Natasja Bolton, Acquirer Support Manager

Most small and medium-sized merchants rely on an online compliance portal, such as our Sysnet.air solution, to determine the appropriate SAQ for their PCI DSS self-assessment. SAQ determination is based on the merchant’s completion of a series of questions on their payment channels and payment processing methods. For many merchants […]

PCI DSS v3.0 compliance: A closer look at Requirement 9.9 – Payment Terminal Protection
Articles, Blog, Whitepapers

Though EMV chip technology (Chip and PIN) has been effective in decreasing card fraud, criminals are increasingly using new methods to compromise data. From July 1st 2015, Requirement 9.9 will be enforced by the Payment Card Industry Security Standards Council (PCI SSC). This requirement will ensure that merchants have controls and countermeasures in place to […]

What is PCI DSS?
Blog, Risk & Assurance, Whitepapers

By Natasja Bolton, Consulting Manager

Founded in December 2004 by 5 major card brands (Visa, MasterCard, American Express, Discover and JCB), the Payment Card Industry Data Security Standard, or PCI DSS for short, is a compliance standard that defines data security requirements relating to the processing, storage or transmission of cardholder data. In 2006, the card […]