Payment Card Information Security Services

In-person PCI Assessments, Implementations and Audits

>> Contact us for a PCI DSS Gap Assessment

We will help you process card payments securely and reduce payment card fraud

AVeS Cyber Security can help you keep customer payment information safe from fraudulent use by aligning your organisation’s data processing methods to the Payment Card Industry (PCI) Data Security Standard (DSS). Our Payment Card Information Security Management Services cover the entire Information Management Process, from an initial assessment to remediation, auditing and incident response.

Who will benefit from becoming PCI DSS Compliant?

Companies that accept, process or receive payments via debit or credit card.

What are the legal risks if you are not PCI DSS compliant?

  • Incur fines for payment card data loss
  • Be held financially liable for fraudulent use of lost payment data
  • Lose customers’ trust and future business
  • Pay more for costs of compliance
  • Lose the ability to accept payment cards

Payment Card Industry Data Security Standard Compliance Milestones

  • Depersonalised Data

  • Access Control

  • Network Protection

  • Secure Data Storage

  • Application Security

  • Policy & Procedure

Payment Card Industry Data Security Standard: High-Level Overview

Build and Maintain a Secure Network and Systems

1. Install and maintain a firewall configuration to protect cardholder data

2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

3. Protect stored cardholder data

4. Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

5. Protect all systems against malware and regularly update anti-virus software or programs

6. Develop and maintain secure systems and applications

Implement Strong Access Control Measures

7. Restrict access to cardholder data by business need to know

8. Identify and authenticate access to system components

9. Restrict physical access to cardholder data

Regularly Monitor and Test Networks

10. Track and monitor all access to network resources and cardholder data

11. Regularly test security systems and processes

Maintain an Information Security Policy

12. Maintain a policy that addresses information security for all personnel

Complementary Services

Governance, Risk and Compliance Services

"Obtain integrated governance, risk and compliance reporting capabilities across organisational units and work groups."

>>Find out more about our GRC services

Information Security Management Services

"We will help you fight fewer fires by aligning your information security management approach to international best-practice standards."

>>Find out more about our ISO services

Information Technology Governance Services

"Prove the business-enabling value of, and increase trust in, your organisation's information systems."

>>Find out more about our IT Governance services

Book a PCI DSS Gap Assessment