Clone Systems is positioned at the forefront of providing Level 1 and Level 2 vendor compliance services for the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS is a self-imposed mandate by the payment card industry for safeguarding all data associated with credit and debit card transactions. It applies to all companies that process and maintain cardholder data, and is endorsed by Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB.
The critical importance of safeguarding personal transaction data cannot be overestimated. It speaks to the credibility of an organization, the integrity of its business practices, and ultimately its veracity as a business itself.
Clone Systems is an approved scanning vendor for PCI (PCI ASV) and a certified PCI Compliant Service Provider. Our PCI ASV designation allows us to perform PCI-sanctioned vulnerability scans on your network devices. Our PCI Compliant Service Provider status assures you that our strategy meets or exceeds all existing PCI standards.
We employ a multi-tiered, comprehensive suite of services to assure PCI DSS-compliance and perform frequent assessments of our solutions in the face of changing and emerging technologies. PCI DSS is a road map of a changing road, and we will not use obsolete strategies in an arena of such high stakes.
Clone Systems® – PCI Certifications and Experience
Clone Systems’ services effectively address all twelve areas of the PCI DSS mandate. Vendors will be required to have in place an infrastructure that will address each of these areas by 2011. Minnesota and Massachusetts have meanwhile codified several areas of the PCI DSS framework into law, underscoring the recognition of the importance of the issue.
The 12 points of PCI DSS-compliance are:
Building and Maintaining a Secure Network
- Installing and maintaining a firewall configuration to protect cardholder data
- Removing vendor supplied defaults for system passwords and other security parameters
- Protecting stored cardholder data
- Encrypting transmission of cardholder data across open, public networks
Maintaining a Vulnerability Management Program
- Using and regularly updating anti-virus software or programs
- Developing and maintaining secure systems and applications
Implementing Strong Access Control Measures
- Restricting access to cardholder data by business need-to-know
- Assigning unique IDs to each person with computer access
- Restricting physical access to cardholder data
- Tracking and monitoring all access to network resources and cardholder data
- Regular testing of security systems and processes
Maintaining an Information Security Policy
- Maintaining a policy that addresses information security for employees and contractors
How Clone Systems addresses each discrete area of compliance is outlined here:
http://www.clone-systems.com/PCI-Compliance-Guide.html
Our veteran team of network engineers and security specialists coordinate an encompassing PCI DSS strategy based on your existing topology, system configuration, and processing requirements. There are nuanced aspects to our PCI evaluation that account for changes in technologies, modifications to the PCI DSS mandates, and ultimate scalability of an installation while retaining the compliance designation.
Our solution suite entails shipping you a network appliance that contains all the tools necessary to meet compliance. All logs from firewalls, network IDS systems, host-based IDS (HIDS) systems, and Windows/Linux servers are subsequently monitored from our network operations center. You will have access to review logs in real time, have the ability to generate on-demand reports, and perform thorough Clone Systems’ vulnerability scans both internally and externally utilizing our web-based Security Information Portal (SIP).
Clone Guard® PCI Solution Suite - The Roadmap to Compliance
Clone Systems’ Clone Guard® PCI Solutions are service suites that guarantee rigorous adherence to the PCI DSS standards for both Level 1 and Level 2 vendors and merchants. They include:
PCI Corporate Package - For Level 2 Merchants – IDS (1); SIM (50 hosts); FIM (50 hosts); Internal Vulnerability Scanning (up to 255 IPs); PCI Scanning (up to 255 IPs)
PCI Enterprise Package - For Level 1 or Level 2 – IDS (2); SIM (100 hosts); FIM (100 hosts); Internal Vulnerability Scanning (up to 512 IPs); PCI Scanning (up to 512 IPs)
PCI Multi-Site Package - For Level 1 – IDS (3+); SIM (150+ hosts); FIM (150+ hosts); Internal Vulnerability Scanning (1024+ IPs); PCI Scanning (1024+ IPs)
Each Clone Guard® Solutions Suite implicitly acknowledges the ongoing requirements of PCI DSS-compliance. Our managed solution model meets these by assuring that all logs are monitored from critical devices and that vulnerability scans are duly scheduled and performed. The security oversight and the security application appliance are included in the single monthly fee.
Our company has earned the reputation as a premier network security specialist, and we have distinguished ourselves as an exceptionally reliable service provider in this critical and specific arena. We have done so because our areas of expertise are as wide and embracing as the contours of the PCI mandate itself. It requires both the business and technical acumen of an accomplished professional staff to address all the often-disparate components of a successful PCI DSS-compliance program.
Contact one of our service representatives to find out more about PCI DSS-compliance, and how Clone Systems can make your enterprise a fault-tolerant, secure environment for virtually any volume of transaction processing. We take the responsibility very seriously indeed.