SMT BLOG

Security vulnerabilities of Internet-facing systems can potentially have severe, wide-reaching implications for your organization. SMT with Cognosec’s certified ASV Scans will identify weaknesses and vulnerabilities as well as quantify their severity, allowing them to be managed efficiently and effectively. Doing so will:

  • Fulfill the PCI DSS Requirement 11.2 for quarterly vulnerability scans performed by an ASV.
  • Provide proof of due diligence to regulators, customers and shareholders.
  • Prevent financial loss through fraud or unreliable infrastructure.
  • Protect your brand against the loss of reputation.

It is imperative that any individual capable of accessing information technologies in an organization understands the value of the resources at their disposal and their responsibility for keeping those resources from being abused. Careless or unaware individuals could potentially disrupt an organization’s IT systems or accidentally allow unauthorized access to systems.

To address PCI DSS requirements 12.5 and 12.6, which refer to the distribution of security policies throughout the company and the existence of a formal security program, SMT offers full support in the development of security policies and security awareness programs. The SMT Security Awareness Program is designed to help you raise the level of understanding of how important security is today, and to help you push responsibility throughout the company.

Variances between the PCI DSS and an organization’s currently established policies and practices detected in the gap assessment need to be addressed. Any entity that accepts payment card transactions must be compliant with all 12 elements of the PCI Data Security Standard.

  1. Install and maintain a firewall configuration to protect cardholder data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters
  3. Protect stored data
  4. Encrypt transmission of cardholder data across open, public networks
  5. Use and regularly update anti-virus software or programs
  6. Develop and maintain secure systems and applications
  7. Restrict access to cardholder data by business need-to-know
  8. Assign a unique ID to each person with computer access
  9. Restrict physical access to cardholder data
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes
  12. Maintain a policy that addresses information security for all personnel

Many companies already have security standards and procedures in place, but as the world is conforming to one standard, a re-assessment is often necessary. A PCI Gap Assessment is an analysis of the variances between established security standards and those required by the PCI SSC for PCI certification.

About SMT

SMT has a strong team of highly qualified consultants and certified, well-trained technical engineers who are capable of understanding our customers’ needs in order to provide them with the right technology and world-class services surrounding today’s Information Security Technology.
