Security & Compliance
Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is vital to all merchants that store, process or transmit credit cards. Becoming PCI compliant requires a much more comprehensive set of technologies and processes designed to manage the risks associated with credit card fraud. More than just technology and tasks, PCI compliance requires an in-depth security program to manage risks.
Reliant is a market leader in PCI DSS compliance technology solutions for retail merchants. Our products and services help our clients meet the PCI DSS control objectives. For years, Reliant has helped merchants develop strategic and comprehensive data security programs that comply with the payment card industry requirements.
You can trust our in-depth expertise in retail and network technology and PCI DSS Requirements. Our team is QIR, CISSP, and CISM-certified. Reliant is also an active member of the PCI Security Standards Council.
PCI Data Security Standard for Merchants and Processors
- Install and maintain a firewall configuration to protect data
- Do not use vendor-supplied defaults for system passwords and other security parameters
- Protect stored data
- Encrypt transmission of cardholder data and sensitive information across public networks
- Use and regularly update anti-virus software
- Develop and maintain secure systems and applications
- Restrict access to data by business need-to-know
- Assign a unique ID to each person with computer access
- Restrict physical access to cardholder data
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
- Maintain a policy that addresses information security
Gap Analysis Overview
Reliant reviews our clients’ IT environment specifically as it relates to each component of the transaction processing path and PCI DSS requirements. The result of our analysis will provide the assessment, road map and recommendations for security and compliance.
Based on the evaluation, Reliant provides a Cardholder Data Environment Characterization. This document includes detailed dataflow diagrams illustrating how business processes store, process and transmit sensitive payment card data. In addition to detailing processes, Reliant records and documents relevant details associated with the technology environment used to process card data. Once the payment card environment is defined, gaps are properly assessed.
A gap analysis includes documentation review, on-site evaluations and network vulnerability scans. To begin the process, Reliant reviews client security policies, standards and configuration guidelines. These documents are used to provide detailed assessment of the client’s PCI compliance posture.
Based on this, Reliant provides remediation-planning solutions. These solutions range from a high-level road map illustrating tasks and time frames required for PCI compliance, to detailed control design documents. Reliant’s PCI Remediation services include:
- Security Program Development
- Card Processing Architecture
- Technical Controls Design
- Policies and Procedures
Reliant’s PCI Assessment Deliverables
- Scope of the assessment, specifying systems investigated, number of sites visited and number of network components scanned and/or evaluated
- Dataflow diagrams for all identified payment applications and processes
- Analysis of vulnerabilities, including a prioritization of security issues based on threat likelihood and economic impact across retail and headquarters environments
- Analysis of key compliance gaps between the current information security state and the PCI requirements, across headquarters, store locations and e-commerce environments
- Remediation road map, outlining critical remediation projects and IT controls necessary for compliance
Proven Innovation & Expertise
Reliant has a proven track record of innovation in data security and compliance. Reliant was the first solutions provider to deliver a comprehensive security appliance for merchants with distributed locations that satisfies each of the PCI DSS technical controls.
Reliant Platform is designed to provide broad, integrated and high-performance protection against data security threats, while simplifying and reducing the costs of PCI remediation.
You can trust Reliant to deliver an accurate PCI Assessment and industry-leading security solutions for your business.
For more information, see our data sheet.
If you wish to speak with someone directly about our capabilities, send us an e-mail or call us at 917-338-2200.