Our Approach : PCI Compliance Services

As the largest industry-sponsored security requirements to aggressively address debilitating fraud and identity theft, the Payment Card Industry (PCI) Data Security and Program has serious implications for Merchants and Payment Service Providers globally. Initiated by Visa and MasterCard in 2004, the program now encompasses American Express, Discover, JCB, and other major credit card issuers.

As a Merchant or Payment Service Provider, you are responsible for ensuring you meet and maintain compliance with the PCI Data Security Standard. The PCI program defines requirements for the protection of consumers' sensitive and personal payment card information while in transit, storage, or during processing.

The PCI Data Security Standard defines twelve broad control requirement areas that apply to merchants, payment service providers and other vendors that provide service or technologies to facilitate transaction processes. These control requirements include technology controls, access controls, and activity monitoring, as well as procedural mandates affecting the security of networks, systems and applications.

The Payment Card Industry has defined the types of activities that are necessary to ensure compliance against the PCI Data Security Standard. Merchants and Payment Service Providers are required to perform vulnerability scans on a quarterly basis and most are required to perform an annual audit.

Networks Group (NWG) is a leading provider of PCI Compliance Services, and as a Qualified Security Assessor (QSA) we can help you achieve PCI compliance through our comprehensive assessment and audit services. NWG has implemented a PCI Services Team dedicated to advising our clients as well as guiding them through the audit process.

NWG's broad security experience with companies of all sizes and industries gives us the perspective to guide our customers through the process of becoming compliant. Our PCI HealthCheck assessment service provides a gap analysis to identify what is required to meet the PCI standard. Our trusted advisor services allow us to guide our clients in creating a comprehensive security program that secures their business assets and meets established security standards.

With our quality-focused, highly-tuned delivery methodology and toolset, you can count on NWG's unsurpassed security expertise. Our security practice is comprised of some of the most experienced security consulting people in the world, and is deeply engaged in the science, technology and the art of information protection. Our security consultants maintain certifications across leading security disciplines and technologies, and have extensive knowledge and experience with current security standards, best practices, and government regulations, including ISO 17799/BS 7799, HIPAA, Sarbanes-Oxley and Gramm-Leach Bliley.

The NWG Approach

With each consulting engagement, NWG takes a business-centric approach to mapping people, process and technology with corporate objectives. Utilizing our structured methodologies, our consultants work closely with your executive and functional staff to understand your business needs, deliver in-depth analyses and provide solution recommendations. We also ensure thorough knowledge transfer via hands-on explanations, formalized training for key personnel and detailed engagement deliverables to help you establish an operational framework as a foundation for continued success. With over 10 years of technology integration and business solution delivery experience, our expertise spans the entire IT enterprise, from strategy, planning, compliance and governance to networking, security and integration. By combining our comprehensive expertise with our best practices and proven processes, we are able to deliver consistent and exemplary results that help innovate your business operations and create continuous improvement.

Realize the Results

  • Ensure you are compliant with the PCI Data Security Standard
  • Reduce the risk of your customer data becoming compromised
  • Help maintain Customer goodwill and credibility
  • Identify and remediate vulnerabilities
  • Consolidate disparate regulatory compliance initiatives through a single vendor
  • Understand compliance requirements from a business perspective

About NWG

NWG is a leading provider of business-driven information technology consulting solutions. For more then a decade, we've been helping organizations effectively use technology to achieve strategic goals and drive business growth. Our unique solution portfolio enables our customers to reduce cost, increase flexibility, strengthen security, ensure compliance and improve efficiency.

PCI Assessment and Remediation Services

The NWG PCI HealthCheck Assessment follows the same process as an audit to generate a gap analysis and a set of recommendations to be used as an action plan to compliance. NWG's remediation services support our clients in implementing standards based security programs that will secure their businesses and meet the PCI Standard.

Your PCI HealthCheck Assessment will verify and assess the effectiveness of several security measures, such as:

  • Integrity of firewalls used to protect affected data systems
  • Adequate protection of stored data
  • Verification of encryption controls
  • Access controls and identity management
  • Policies and supporting documentation
  • Processes and system security (i.e., patch management, virus controls, etc.)
  • Physical security.

At the conclusion of the assessment, NWG will provide a set of recommendations for each area of the PCI Standard.

PCI Audit Services

Organizations which are defined as Tier One Merchants in the PCI Standard are required to be audited by a PCI Standards Council approved organization. As a Qualified Security Assessor (QSA) NWG is authorized to perform your PCI Compliance Audit.

The PCI Audit validates compliance to the 12 requirements of the PCI Data Security Standard which relates to:

  • Building and maintaining a secure Network;
  • Protecting cardholder data;
  • Maintaining vulnerability management programs;
  • Implementing strong access control measures;
  • Regular monitoring and testing of networks; and
  • Maintaining information security policies.

At the conclusion of the PCI Compliance Audit, NWG will submit all required reports to all applicable parties.