Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is a 24-hours-a-day, seven-days-a-week, 365-days-a-year endeavor. Point-in-time compliance is not enough. Organizations are learning that achieving and maintaining PCI compliance doesn’t have to be cost prohibitive or require days from key personnel to gather, correlate, and present proof of compliance.
Solutionary works with clients to develop successful strategies, matching PCI DSS requirements with their workflow and compliance needs to make complying easier and less costly. Solutionary managed security and Professional Security Services address all twelve requirements for PCI DSS compliance.
Solutionary is a PCI Approved Scanning Vendor (ASV) and Qualified Security Assessment Company (QSAC). Solutionary services are delivered by experienced, certified security experts, including PCI Qualified Security Assessors (QSAs) and PCI Payment Application Qualified Security Assessors (PA-QSAs). Solutionary was one of the first adopters of the PCI QSA and ASV programs, joining the compliance program in its first year, and has an extensive list of PCI clients spanning multiple industries.
| | |
|---|---|
| Assess and Measure Gaps | PCI-mandated assessment methodology performed by experienced QSAs; prioritized and actionable recommendations; peer benchmarking; experienced certified security experts |
| Remediate and Enhance | Experienced certified security experts; security program, policy, and procedures design, services, tools, and process implementation |
| Execute and Monitor | PCI-compliant log management, log monitoring, vulnerability management, and security device management |
| Demonstrate Compliance | Pre-defined PCI-compliant and customizable reporting; secure evidence repository for all PCI compliance related assessments, results, and reports; integrated ticketing with assignment, tracking, and journaling |

| Compliance Activity | Solutionary Services / Capabilities | Regulatory Mapping |
|---|---|---|
| Assess compliance state; Measure gaps from regulations | Professional Security Services gap audits; Security Consulting Services ROC audits; PCI QSAs | All of PCI DSS |
| Enhance security and compliance program | Professional Security Services; PCI QSAs; Security Device Management; Log Monitoring; Log Management; ASV certified vulnerability scans; internal vulnerability scanning; managed application assessments; network penetration testing; application penetration testing | All of PCI DSS |
| Execute and monitor security and compliance program | Log Monitoring; Log Management; Security Device Management; ATM security monitoring management; Change enforcement control services | |
| Demonstrate compliance with regulations | Evidence Log Vault; security compliance reporting | |