Sense of Security is one of Australia’s most trusted providers of cyber resilience, information security and risk management services.
Sense of Security is a PCI Standards Council Qualified Security Assessor Company (QSAC). Our experienced team can assess your level of PCI compliance and work with you to close any gaps.
To be PCI compliant you must meet all 12 PCI compliance requirements within six control objectives. These are:
Requirement 1: Install and maintain a firewall to protect cardholder data.
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters.
Requirement 3: Satisfactorily protect stored cardholder data.
Requirement 4: Encrypt transmission of cardholder data across open, public networks.
Requirement 5: Protect all systems against malware, and regularly update anti-virus software.
Requirement 6: Develop and maintain secure systems and applications.
Requirement 7: Restrict access to cardholder data.
Requirement 8: Identify and authenticate access to system components.
Requirement 9: Restrict physical access to cardholder data.
Requirement 10: Track and monitor all access to network resources and cardholder data.
Requirement 11: Regularly test security systems and processes.
Requirement 12: Maintain a policy that addresses information security for all personnel.
Our team has experience and knowledge across all these control objectives. We can work with you to design and implement a system to ensure your business meets PCI compliance standards.
Your PCI DSS compliance must be certified by a Qualified Security Assessor (QSA).
Our QSAs are trained by the PCI Standards Council to understand, and help you meet, PCI audit requirements.
Even if you are eligible to self-assess, engaging a QSA for guidance and advice can smooth your progress. We can assess all requirements or tailor a solution to focus on areas you are trying to strengthen.
Your journey towards PCI compliance can be difficult without appropriate advice and guidance. Sense of Security can:
Our team can tailor an information security management program to maintain your business’s PCI compliance.
In a typical security management plan, each quarter we:
Annually, we conduct:
Regular tests and scans of your systems are the only way to demonstrate that they remain PCI compliant.