All merchants, no matter the size, who accept credit cards online need to be compliant with the PCI Data Security Standard (PCI DSS). PCI compliance means that your business meets the technical and operational requirements set by the PCI Security Standards Council (PCI SSC) to protect cardholder data. These requirements are designed to build and maintain a secure network; protect cardholder data; ensure the maintenance of vulnerability management programs; implement strong access control measures; regularly monitor and test networks; and ensure the maintenance of information security policies.
Failure to comply can have serious long-term consequences for your eCommerce business. If you are responsible for a security breach, you can be fined, have your ability to access payment cards terminated, and be forced to deal with legal costs and judgments. Aydus has options available to help organizations become PCI DSS-compliant so that you can protect your cardholders’ data, keep your reputation intact, and conduct business effectively.
Aydus offers three separate audit levels – Basic, Preferred, and Premium. Below are details for each option and descriptions of what they include.
Our Basic package comes with an extensive Vulnerability Report as well as an Automated Blackbox Audit.
The Preferred package, our most popular option, includes a Vulnerability Report, Automated Blackbox Audit, Hands-On Whitebox Audit, and Social Engineering Audit.
The Premium package is our most extensive option. It includes on-site support through our PCI Compliance Audit in addition to a Vulnerability Report, Automated Blackbox Audit, Hands-On Whitebox Audit, and Social Engineering Audit.
- Vulnerability Report – With each level you will receive a detailed report that identifies any vulnerabilities that were found, gives an estimate of the time needed to resolve them, and lists any additional security recommendations.
- Blackbox Audit – As part of the Blackbox Audit, we run an external PCI network security scan across your servers and site and perform vulnerability cross-reference checks across applications, firewalls, routers, and servers.
- Hands-On Application Whitebox Audit – We perform a Hands-On Application Whitebox Audit from inside your servers in order to identify vulnerabilities and best practices across applications, servers, internal network, firewalls, routers, and user accounts.
- Social Engineering Security Audit – Our Social Engineering Security Audit includes phone- and email-based social vulnerability testing and optional developer security interviews.
- PCI Compliance Audit – An on-site PCI gap analysis and compliance assessment that evaluates your company’s readiness to pass a PCI On-Site Assessment.
We can help you decide the best solution for your business. Contact us to begin the next steps based on the security audit option you select.