• BONGO IT BLOG

What is PCI-DSS Consultancy?

Payment Card Industry Data Security Standard (PCI-DSS)

The Payment Card Industry Data Security Standard (PCI-DSS) is an information security standard for organizations that handle cardholder information. All merchants, whether small or large, need to be PCI compliant. The burden of compliance can be daunting at first, but at Bongo IT we are here to help.

You may have noted that in 2018 some Payment Service Providers, e.g. Barclaycard, tightened their regulations and are now providing more difficult questionnaires. If you now find yourself stuck, please speak to one of our team.

 

What is involved

Our first step is to document the cardholder data flow. This allows us to understand how sensitive data flows through your systems, and which parts of those systems need to be scanned. We will then look at reducing the number of systems involved in the flow of cardholder data, to lessen the compliance task.

After filling in the correct questionnaire for your level of interaction with cardholder data, we initiate the scan. The scan tests all the systems through which data flows for basic security vulnerabilities. After rectifying any vulnerability, and re-running the scan until no vulnerabilities remain, compliance is achieved. We will then inform your Payment Service Provider (PSP) that you are compliant. The scan will automatically run every 3 months, and will inform you if you ever drop out of compliance.

 

PCI DSS Case Study

Bongo IT was approached by an Oxford-based charity who had been asked by their PSP to become PCI compliant. As there was an urgent deadline, we initially worked to achieve compliance. As an ongoing project we were able to suggest measures to reduce the number of systems requiring compliance, and to discuss this reduction with the shopping cart system’s developers. In time it became possible to avoid PCI compliance altogether, offloading the security of cardholder data to the PSP’s systems.

Friday, 19 April 2019