PCI Compliance


NeoSpire is SAS70 certified

PCI Compliance Overview

NeoSpire always strives to be at the forefront of standards and audit requirements. One of these is PCI DSS, the Payment Card Industry Data Security Standard. PCI DSS was developed by the major credit card companies as a guideline to help protect organizations that process card payments against fraud, hacking and various other security vulnerabilities and threats. These multilateral standards encompass a broad range of cutting-edge security technologies to satisfy PCI compliance requirements.

 

A company processing, storing or transmitting payment card data must be PCI DSS compliant, or it will risk losing its ability to process credit card payments. It can also be fined for incidents involving data that the standard requires it to protect.

 

Firewalls, vulnerability patching and intrusion detection systems have become standard components of web-based applications for businesses and hosting providers, but they are only part of the solution. As is evident from the ever-increasing reports of data breaches, hackers are staying a step ahead of the typical security framework. PCI DSS is already one of the stricter security frameworks, dictating an intensive procedural approach to managing security on a daily basis, and the current and upcoming releases of the PCI Council’s Data Security Standard will also require the implementation of less familiar technologies such as application firewalls and wireless traffic analyzers.

 

NeoSpire has the technology and experience to help any company conform to the next generation of Payment Card Industry security requirements and is enrolled in Trustwave's Trusted Commerce™ program to validate compliance with the Payment Card Industry Data Security Standard (PCI DSS) mandated by all the major credit card associations.

 

PCI Compliance Hosting Features

  • Application Firewall
    NeoSpire's Application Firewall Service provides optimal protection for an organization's web applications and sensitive data against sophisticated attacks and prevents data leaks from occurring.
  • Host Intrusion Detection System
    NeoSpire Host-Based Intrusion Detection Systems (HIDS) add real-time threat awareness to existing prevention measures.
  • Vulnerability Management
    NeoSpire expert administrators use the most current anti-virus software and security patches to avoid and remedy system weaknesses.
  • Installation and Configuration
    A NeoSpire administrator will manage the installation and configuration of the custom, scalable network. The network will maintain a firewall structure to safeguard cardholder information.
  • PCI DSS Security Scanning
    NeoSpire utilizes an Approved Scanning Vendor (ASV) to conduct quarterly scans of internet-facing IP addresses, in conjunction with a vulnerability management program. These scans reveal security vulnerabilities, which are reported to the customer with details of each issue and remediation plans.
  • Encrypted Backup
    NeoSpire utilizes several types of encryption and protection methods to secure stored data. Such methods render stored information unreadable and unusable to anyone unauthorized to view the data.
  • Monitoring/Testing
    NeoSpire will track and monitor all access to the company’s cardholder data. Testing of security systems and processes will be scheduled on a regular basis, in addition to the maintenance of a security policy.

 

Being PCI DSS compliant will:

  • Save your company's reputation
  • Ensure cardholder data is protected
  • Drastically reduce costs from data theft

 

Top 10 Misconceptions about PCI

 

PCI DSS compliant? Call us today at 1.888.774.2253 or email us at sales@neospire.net to find out with a NeoSpire evaluation.