Most people are unaware that if they handle credit cards, they are obliged to follow a set of rules called the Payment Card Industry Data Security Standard (PCI-DSS). Depending on how many credit cards you handle, this can range from quarterly scans of your network, to requiring exhaustive independent audits.
The cost of not complying can range from severe – having your ability to process credit card payments suspended or cancelled – to catastrophic – paying millions of dollars in compensation as well as hundreds of thousands in punitive fines to the card issuer if you’re the victim of an attack.
iSec services can assist you with PCI compliance, whether you simply need help filling out the questionnaire, or need full level 1 compliance. iSec services offers gap analysis – and we help you overcome this issue. Unlike other organizations that would push you for the regulation, our experts will check to see if you actually need it or can do without it.
Onsite Penetration Testing
Onsite Penetration tests will focus on vulnerabilities which exist on the internal system as seen by an insider. Tests would include penetration testing of entire IT related equipment at the client site. Activities done during these penetration tests include
Remote Penetration Testing
Remote Penetration tests will focus on security and robustness of Information Technology Infrastructure of a client organisation. Penetration tests will cover the servers installed, modems, routers, bridges and authenticating services in use at the client premises.
These penetration tests are done using tools which include third party products as well as our own software. These tests will include following activities:
To ensure we do not accidentally penetrate another company (which can be a felony offense), the client will provide the telephone numbers they use and wish us to test.As an alternative, the client could provide us with a corporate telephone book that is available to all employees. We will use this to ensure we stay within the company’s valid phone number ranges.