• BONGO IT BLOG

What is PCI-DSS Consultancy?

Payment Card Industry Data Security Standard (PCI-DSS)

The Payment Card Industry Data Security Standard (PCI-DSS) is an information security standard for organizations that handle cardholder information. All merchants, whether small or large, need to be PCI compliant. The burden of compliance can be daunting at first, but at Bongo IT we are here to help.

You may have noted that in 2018 some of the Payment Service Providers, e.g. Barclaycard, have tightened their regulations and are now providing more difficult questionnaires. If you now find yourself stuck, please speak to one of our team.

 

What is involved

Our first step is to document the cardholder data flow. This allows us to understand how sensitive data flows through your systems, and which parts of those systems need to be scanned. We will then look at reducing the number of systems involved in the flow of cardholder data, to lessen the compliance task.

After filling in the correct questionnaire for your level of interaction with cardholder data, we initiate the scan. The scan tests all the systems through which data flows for basic security vulnerabilities. Once any vulnerabilities have been rectified and the scan has been re-run until none remain, compliance is achieved. We will then inform your Payment Service Provider (PSP) that you are compliant. The scan will automatically run every 3 months, and will inform you if you ever drop out of compliance.

 

PCI DSS Case Study

Bongo IT was approached by an Oxford-based charity who had been asked by their PSP to become PCI compliant. As there was an urgent deadline, we initially worked to achieve compliance. As an ongoing project we were able to suggest measures to reduce the number of systems requiring compliance, and to discuss this reduction with the shopping cart system’s developers. In time it became possible to avoid PCI compliance altogether, offloading the security of cardholder data to the PSP’s systems.

Saturday, 17 November 2018