  Randtronics PCI Remediation Services

Overview

The Payment Card Industry Data Security Standard (PCI DSS) includes a set of requirements designed to enhance the protection of payment card data. The standard was developed by the major credit card brands (i.e., Visa, MasterCard, American Express, Discover, and JCB), and any merchant, bank or service provider that stores, processes, or transmits cardholder data is required to comply. Non-compliance may result in substantial fines and penalties as well as potential exclusion from payment card programs.

Randtronics offers a range of professional services designed to help organisations overcome the challenges to achieving PCI DSS compliance:
  • As the Trusted #1 Encryption Expert in Australia and Asia-Pacific, we can assist your organisation with the selection, design and deployment of solutions to meet the requirements to protect cardholder data at rest and in motion.
  • Our experienced security consultants can help your organisation get its PCI DSS compliance program on track, through identification of scope, compliance gap analysis, and remediation consulting.

PCI DSS Remediation Services

Protect stored cardholder data (Requirement 3)

For many organisations, the encryption of stored payment card data, as mandated by Requirement 3 of the standard, forms one of the key technical challenges to reaching compliance. Randtronics can help your organisation cost-effectively and easily comply with PCI DSS encryption needs for data at rest.

We are able to provide encryption subject matter expertise that will enable your organisation to fill in the gaps when discussing Requirement 3 with your QSA. Randtronics encryption skills have been gained over the last 5 years through real deployments for small to large projects. Reference customer testimonials are available through your account manager.

Our solutions-based consulting service, which is product-independent, is well regarded in the industry. The perils of implementing the wrong encryption solutions can be avoided, as we are experienced in designing and deploying solutions that meet your security, performance, compatibility, flexibility, availability and manageability requirements.

Randtronics can also assist your organisation with the implementation of tokenisation solutions. These solutions can reduce the scope of PCI DSS compliance in your environment, or provide compensating controls in cases where encryption may not be feasible on certain legacy platforms. Furthermore, we provide solutions for the masking of payment card data displayed to employees or other parties.

Our consultants follow a proven and refined methodology that allows your organisation to make the right choices and that ensures your chance of successful deployment of a PCI DSS compliant solution.

Randtronics provides a range of Requirement 3 consulting services including requirements understanding, solution design to meet budgetary and political constraints, costing, proof of concept, implementation and post sales support. We also offer services in the areas of data flow analysis, key management analysis, key roll-over services, specialised software development for crypto integration, training and performance benchmarking.


Encrypt transmission of cardholder data across open, public networks (Requirement 4)

Compliance with Requirement 4 of the standard requires that an organisation encrypts cardholder data that is transmitted across open, public networks. This includes transmission over the Internet and wireless communications, as well as any network that the organisation does not own or control, including shared or leased networks.

Randtronics provides a range of Requirement 4 consulting services designed to help your organisation cost-effectively and easily comply with PCI DSS encryption needs for data in motion. We have experience in designing and deploying network encryption solutions that are quick to set up, easy to manage, and transparent to network and application performance and behaviour.


PCI DSS Compliance Program (Requirements 1 to 12)

Randtronics security consultants have expertise and experience across all twelve requirements of the PCI DSS. With our consulting services we can help your organisation get its compliance program on track. The PCI DSS Remediation services that Randtronics can provide to your organisation include:
  • Data flow analysis and scope identification
  • Compliance gap analysis and remediation advice
  • Preparation of the Self Assessment Questionnaire (SAQ)
  • Acting as the point of contact for your organisation to liaise with your QSA
Additionally, we provide a number of security services that will assist your organisation in meeting PCI DSS requirements, including:
  • Penetration testing, web application security assessments, and application source code reviews (Requirements 6 and 11)
  • System hardening (Requirement 2)
  • Security policy development (Requirement 12)

For More Information
For more information download our PCI Remediation Services and PCI Requirement 3 Services Brochures