December 2004 saw the release of the Payment Card Industry (PCI) Data Security Standard (DSS) by Visa and MasterCard. American Express, Discover, and JCB have since endorsed the PCI Digital Security Standard and formed the PCI Standards Council, making it an industry standard.

QuietMove has been qualified to perform PCI standards testing since their first incarnation as the MasterCard SDP Compliance program, and is now a PCI Standards Council Approved Scanning Vendor.

Total PCI Compliance Management

QuietMove offers more than just a testing service– our comprehensive methodology is designed to remove layers of complexity and manage your entire PCI compliance process, including

• Managing compliance deadlines and annual self assessment paperwork.
• We can assist in preparation of your annual self assessment.
• Configuration hardening advice for you to apply before your first test, facilitating rapid compliance.
• We will manage your compliance process by interfacing with your IT staff and managed services and web hosting providers.
• Your test will be performed by an CISSP certified PCI Data Security Standard expert, not just an automated tool.
• Most importantly, unlike some of our competition, our documentation conforms 100% to the details required by the PCI Data Security Standard. This ensures you’re in the best position possible in the event of the compromise of card data… and less likely to be fined.

PCI Security: More than a Compliance Checkbox.

Our proprietary, standards-based methodology ensures that you go beyond achieving and keeping your PCI certification. The objective is to help you adopt a more aggressive security posture than the bare minimum required, using the infrastructure you have in place now.

Unlike automated services in which a false positive which you can’t prevent from appearing can mean the difference between compliance and noncompliance, a PCI Data Security Standard certified CISSP with extensive assessment experience performs the test. Our assessors are certified to disallow false positives created by automated scanning tools. If your scan does not show compliance, our assessors will create a detailed remediation plan for you, review it with you on a conference call, and offer unlimited email support.
QuietMove has built a comprehensive methodology for making sure our customers meet and exceed the PCI standards – the first time.

Why QuietMove?

We bring an unparalleled level of professional information security risk assessment services to support the payment industry in protecting consumers with:

• Security expertise from QuietMove’s professional team of CISSP security professionals who have performed hundreds of risk and vulnerability assessments.
• Detailed advance advice plus an optional phone call before we perform the test to ensure that you have the time to remediate configurations before testing begins, increasing your chances of compliance on the first test.
• Comprehensive evaluation of your information security program.
• Detailed daily status reports.
• Gap analysis to determine requirements for PCI compliance .
• Detailed recommendations for improving your security posture beyond the minimum PCI requirements. We know that you expect more from a manual testing service than the cutting and pasting of findings into a report, as many of our competitors do. We look at building each report and recommendation plan with the care and attention to detail that would go into building a custom race car.
• Unlimited support by email, plus one remediation planning session by conference call after each test.
• PCI Incident Response service can be purchased by our PCI customers to help ensure full compliance and avoid an expensive fine in case of compromise.

QuietMove’s comprehensive methodology, client-interactive project management, and detailed documentation ensure that you not only achieve and keep PCI certification, but also maintain a more aggressive security posture than the minimum required.If you’re processing more than 20,000 transactions a year, you must have a quarterly scan performed. The cost difference between a fully automated test and our manual test is small.

What is ensuring your PCI compliance worth?

Failure to meet PCI requirements can cost merchants and service providers in terms of fines or even losing the ability to process credit cards. Don’t leave your compliance in the hands of a purely automated tool - our hybrid approach will help you get and stay compliant.

Get On the Road to PCI Compliance Today

For more information about our PCI Compliance services, please contact us.

QuietMove’s PCI ASV Certified Scanning Vendor Certificate number is 4140-01-02.