MSSP ControlScan Adds PCI Data Security Essentials for Small Businesses
ControlScan, an MSSP that offers managed security and compliance solutions, has integrated the Payment Card Industry (PCI) Data Security Essentials Evaluation Tool into its SecureEdge technology platform. The move comes after the PCI Security Standards Council launched Data Security Essentials earlier this week.
Data Security Essentials provides small businesses with an alternative to the traditional PCI Self-Assessment Questionnaire (SAQ), according to ControlScan. It contains fewer questions than the PCI SAQ and helps small businesses evaluate their security posture and address risks.
In addition to Data Security Essentials, PCI this week announced the following free online resources for small businesses:
- Common Payment Systems: Provides real life visuals to help small businesses identify what type of payment system to use, the risks associated with their system and actions they can take to protect their system.
- Glossary of Payment and Information Security Terms: Defines payment and information security terms.
- Guide to Safe Payments: Offers insights into security basics to protect small businesses against payment data theft.
- PCI Firewall Basics: Outlines firewall configurations and how to set up a firewall.
- Questions to Ask Your Vendors: Includes a list of common vendors that small businesses rely on and specific questions to ask these vendors to ensure they can protect customer payment data.
PCI also offers cyber threat resources designed to safeguard businesses against the following dangers:
- Outdated software.
- Remote access.
- Weak passwords.
The aforementioned PCI resources are now available.
How Does ControlScan Help Businesses Comply with PCI Requirements?
ControlScan offers a variety of PCI compliance services, such as:
- 1-2-3 Self-Assessment: Guides businesses through all aspects of PCI requirements.
- External Vulnerability Scanning: Identifies application- and network-based vulnerabilities across a business’ IT infrastructure.
- Security Awareness Training: Teaches employees how to recognize and avoid everyday security threats and ensure a business’ sensitive payment card data is continuously secure.
As organizations search for ways to comply with PCI mandates, MSSPs may increasingly add PCI compliance offerings to their portfolios.
For example, Netsurion in November partnered with information systems technology provider Lucas Systems to help retailers safeguard their networks and point of sale (POS) systems against cyberattacks. The MSSP provides Lucas Systems customers with tools that they can use to secure their payment card information and comply with PCI mandates.