PCI DSS Consultancy

PCI DSS Consultancy

PCI DSS Consultancy

 

The Payment Card Industry (DSS), also known as Payment Cards Industry Data Security Standard, defines the logical and physical information security rules that must be followed during the processing, transmission and storage of credit card information. Established by a council called the Payment Card Industry Security Standards Council (PCI SSC), which includes Visa, MasterCard, American Express, Diner Club and JCB, this system is a required standard for technical and operational transactions.

PCI-DSS, an improved standard for the use, protection, storage, provision and transmission of certificates; It consists of 12 basic items defined under 6 main criteria:

A. Establishing a secure and continuous network infrastructure
1- Positioning and configuring firewall to protect card information
2- No use of the predefined password in any software or hardware in the system
B. To protect the information of the cardholder
3- Safe storage of card information
4- Scrambled sending of card information on public networks
C. Establish security clearance management
5- Regularly update security software
6- Secure system and application development. Continuity of improvement
D. Apply effective access control
7. Restrict access to card information on the business side
8- Every user has his / her own user account and can open the session with this user account
9- Physical blocking of access to card information.
E. To monitor and test regularly
10- Monitoring card information and all accesses to the network
11- Continuous testing of security systems and processes
F. Applying information security policy
12- Implementation of a sustainable policy that addresses information security for all staff.

As Sipertek, we provide consulting services in accordance with the standards in conformity with the PCI DSS standard and during the periods specified in the compliance verification requirements, and before the QSAs (Qualified Security Assessor) certified by the PCI council.