About CounterStrike CounterStrike Electronic Security
CounterStrike Home PageContact CounterStrikeAudit and ComplianceComputer Network SecurityInvestigations and IntelligenceTechnical Security Countermeasures

Payment Card Industry Data
Security Standard (PCI DSS)

The PCI Security Standards Council is an open
global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection. The organization was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc.

PCI Data Security Standard (PCI DSS) provides an actionable framework for developing a robust payment card data security process -- including prevention,

detection and appropriate reaction to security incidents. PCI applies to ALL organizations or merchants, regardless of size or number of transactions, that accepts, transmits or stores any cardholder data. In other words, if a customer of an organization pays a merchant directly using a credit, debit or prepaid card, the PCI DSS requirements apply.

Cardholder data is any personally identifiable data associated with a cardholder. This could be an account number, expiration date, name, address, social security number, etc. All personally identifiable information associated with the cardholder that is stored, processed, or transmitted is also considered cardholder data.

Validation of compliance is done annually - by an external Qualified Security Assessor (QSA) and CounterStrike has some of the best in the business that can write a credible Report on Compliance (ROC) to submit to the card associations which is essentially an independent validation that the merchant is in compliance with PCI DSS.

CounterStrike can also provide you with PCI requirements assistance, including:

Vulnerability Scanning

Security scans assist in the identification of vulnerabilities and mis-configuration of web sites, applications, and information technology (IT) infrastructures with Internet-facing IP's.

Penetration Testing

The purpose of penetration testing is to footprint, enumerate and potentially exploit vulnerabilities in web application(s) and network infrastructure using automated tools and manual mechanisms, above and beyond what simple automated scanning tools can achieve.

Network and application penetration tests are different from vulnerability scans in that penetration tests are more manual. They attempt to actually exploit some of the vulnerabilities identified in scans, and follow practices used by hackers to take advantage of weak security systems or processes.

Policies & Procedures Documentation

Development and implementation of clear and comprehensive documentation is vital for any organization that wishes to achieve PCI compliance. CounterStrike is an expert in writing PCI compliant policies and procedures for any size organization.

Security Awareness Training

CounterStrike specifically tailors training to the existing knowledge and attitude of members of an organization regarding the protection of the physical and, especially, information assets of that organization to achieve a long term shift in the attitude of employees towards security, while promoting a cultural and behavioral change for all workers when they join the organization and periodically thereafter, usually annually.

PCI Gap Analysis

CounterStrike PCI professionals will perform a gap analysis and perform the required testing to be able to inform the client of the controls that need remediation to achieve PCI compliance. The assessment will include a review of the cardholder production network (including vulnerability and penetration testing) and supporting technical documentation. The assessment process may include interviews with company personnel to determine what PCI requirements are in place and where remediation is required.

Contact CounterStrike for all of your PCI DSS needs today!


Home  |   About Us  |   Contact Us  |   Site Map
Audit & Compliance  |   Computer Network Security  |   Investigations & Intelligence  |   Technical Security Countermeasures
BSA / AML  |   e Discovery Forensics  |   FISMA  |   HIPAA / HITECH Act  |   ISO 27000  |   PCI DSS  |   SSAE 16  |   TR-39  |   FedRAMP

Contact Us: Telephone 307-432-1092  |  E-mail: help@counterstrike.com
Copyright © 1999-, CounterStrike. All rights reserved.