What is PCI?
Payment Card Industry Data Security Standards enforce compliance between consumers and business entities online. The standard was created to increase controls around cardholder data to reduce credit card fraud via its exposure online. Validation of compliance is performed annually by an external Qualified Security Assessor for organisations handling large volumes of transactions, or by Self-Assessment Questionnaire for companies handling smaller volumes.
PCI + AWS Cloud
ITOC aims to guarantee that PCI compliance is adhered to with the highest of standards. Our consultants will architect the correct PCI solution or verify existing solutions to ensure they are PCI compliant. Questions are commonly raised about the security of financial information hosted in cloud environments. In reality, the cloud can be a highly secure platform and in many cases more secure than an internal data centre alternative.
Our cloud provider Amazon Web Solutions offers PCI DSS validated tokenisation services which will wipe sensitive credit card data from the systems while maintaining analytics. Our consultants will ensure your systems are utilising these services to ensure PCI compliance for your business. This is particularly critical for businesses providing e-merchant facilities.
It is important to note that it is ultimately an individuals responsibility to maintain PCI DSS, as a cloud integrator we cannot be responsible for any pitfalls. Therefore we recommend our clients to understand the PCI validation we offer and to perform their own due diligence.
PCI compliance is an important aspect of your business and should be taken seriously. We encourage inquiries and will do our best to provide you with the information you need.