PCI DSS
The Payment Card Industry (PCI) Data Security Standard (DSS) is a compilation of best practices created by the major credit card companies to protect their customers from increasing identity theft and security breaches. Any company that stores, processes and/or transmits cardholder data needs to maintain compliance with PCI requirements. Failure to comply with these standards may result in heavy fines, restrictions, or permanent expulsion from credit card acceptance companies.
Validation requirements include an annual on-site review by a Qualified Security Assessor (QSA) and a quarterly network scan by an Approved Scanning Vendor (ASV).
HOW CAN LIGHTHOUSE HELP?
Lighthouse Computer Services is a leading provider of global PCI compliance services. As one of approximately 50 select firms worldwide certified as a PCI Qualified Security Assessor (QSA), Lighthouse is highly trained to help merchants and service providers achieve full compliance with the PCI Data Security Standard.
Our ASV- and QSA-certified teams — made up of CISA-certified auditors, network engineers, and project managers — are information security experts. Lighthouse’s ASVs and QSAs are highly trained to conduct technologically complex security assessments and scanning services to help you:
QSA SERVICES
The PCI Data Security Standards state that service providers, and all merchants that process more than 6 million transactions per year or whose data has been compromised, require an annual on-site review performed by a certified PCI Qualified Security Assessor (QSA).
Using the standards set forth in the PCI Security Audit Procedures, Lighthouse’s QSA team performs an initial on-site security assessment to identify any compliance gaps that need to be resolved before compliance can be achieved.
QSAs performing the PCI data security assessment are responsible for the following:
VULNERABILITY RESOLUTION
Following the on-site security audit, Lighthouse QSAs offer guidance and expertise for remediation of vulnerabilities found through the assessment. Our security consulting practice can provide network security services and solutions that address:
COMPLIANCE REPORTING
Once Lighthouse confirms that the organization is in compliance, the QSA will produce a Report of Compliance (ROC) to be submitted according to each card's requirements.
For more information or to schedule a no-cost initial consultation, please contact info@lighthousecs.com or call 401-334-0799.