Business Security Solutions

Implement Safer Credit Card Transactions For Your Customers

As a merchant or service provider, your customers trust you to safeguard their confidential data. Every time they hand over a credit card, you are responsible for keeping the resulting transaction secure, while maintaining the availability, integrity and confidentiality of your customers’ data. Yet, until recently, if you wanted to implement secure credit card transactions, you had to follow different standards for each major credit card company.

The Payment Card Data Security Standard (PCI DSS) was created to streamline these disparate requirements and compliance criteria. However, even under this streamlined approach, implementing PCI DSS can be both complex and costly.

Allstream PCI Security Services eliminate this complexity by supporting the implementation of PCI DSS into your credit card processing environment. This new industry-wide credit card security standard is supported by all major credit card companies and is designed to protect cardholder information wherever it resides, making transactions more secure for customers, merchants and vendors.

The Protection Your Business Demands

Allstream’s PCI Security Services engage security specialists with extensive industry-wide experience in leveraging the latest tools and processes. We have been approved by the PCI Security Standards Council as a Qualified Security Assessor (QSA) and an Approved Scanning Vendor (ASV).

Relying on this vast experience and an established methodology, we review your current credit card processing environment, identify any gaps and make recommendations designed to help you adhere to the standard’s six key control objectives by:

• Building and maintaining a secure network with appropriate firewall configurations and system passwords.
• Protecting cardholder data through encryption and other robust security measures.
• Maintaining a vulnerability management program by regularly updating anti-virus software and developing secure systems and applications.
• Implementing strong access control measures that restrict access to cardholder data to authorized personnel.
• Regularly monitoring and testing networks to ensure ongoing compliance.
• Maintaining an information security policy to address the broad range of information security issues throughout your organization.

Maximizing Value for Your Business

If your business relies on credit card transactions, PCI DSS compliance brings significant advantages to your operations:

• Increased data availability. More streamlined data management accelerates processing performance and reduces transaction turnaround times.
• Greater private data confidentiality and integrity. Across-the-board improvements in security processes result in more secure end-to-end transactions.
• Increased customer confidence. Greater trust drives more consistent future business and reduces churn.
• Reduced fraud- and misuse-related liabilities. Following this industry-accepted processing standard lowers the rate of security vulnerability and the legal exposure and cost that come with it.
• Lessened risk of sanctions. Non-compliance with the new standard could cost merchants and providers up to $500,000 in fines for each instance. You could also face higher processing fees and denial of transaction processing services.
• Stronger overall security culture. Stronger credit card transaction security sets the stage for a deeper overall security maturity throughout your organization. Beyond PCI, we can help boost your capabilities in the following areas: Enterprise Security Risk Management; Network and Application Security; Security Technology Provisioning, Architecture and Deployment; Privacy Management; Identity and Access Management; and Managed Security Services.

Key Offerings

PCI Data Security Readiness Review

An on-site gap analysis of the existing policies and cardholder information processing environment as compared to PCI Data Security Standards

PCI Data Security Assessment

A comprehensive on-site audit of the cardholder information processing environment in accordance with PCI Data Security Standards and Audit Procedures

PCI Security Scanning Service

A remote scan of the customer’s Internet facing IP addresses in accordance with PCI security scanning procedures.

PCI Data Security Remediation Service

A consolidation and remediation of gaps found in your cardholder information processing environment after a PCI Security Assessment.