About Regents and Park
Regents & Park was created to help Southern California businesses address their most urgent IT Security needs. Companies are required to address financial controls such as Sarbanes Oxley, data security controls like PCI-DSS and data privacy controls like HIPAA, as well as all the other IT Security initiatives such as responding to customer security audits. Since our formation we have grown and now support international insurance companies, government agencies and automobile manufacturers.
Most recently Regents & Park has expanded its vCISO service into a number of clients, relieving them of the resource-consuming task of managing IT Security strategy and responding to customers, auditors and investors, and allowing them to focus on their business growth and sustainability.
INTELLIGENCE
Our team can prepare you to react faster and defend better with research, testing and assessment services.
PCI-DSS 4.0 is Here
The PCI council has provided clarification on a number of key areas of the PCI-DSS standard in version 4.0. With the latest version available, is it now time to consider tokenization? Are you able to take that legacy point of sale, connect a brand new tokenized card reader, and do away with your SAQ-D and all its complexity, while perhaps lowering your exposure with a SAQ P2P? With only 2 sections and three PCI requirements necessary, the P2P (Peer-to-peer – No Electronic Cardholder Data Storage) SAQ could save you time, money and, most importantly, lower your risk.
Have a Question? Get the Answer
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Essentially, this means any merchant that has a Merchant ID (MID).
The Payment Card Industry Security Standards Council (PCI SSC) was launched on September 7, 2006 to manage the ongoing evolution of the Payment Card Industry (PCI) security standards with focus on improving payment account security throughout the transaction process. The PCI DSS is administered and managed by the PCI SSC (www.pcisecuritystandards.org), an independent body that was created by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB).
It is important to note that the payment brands and acquirers are responsible for enforcing compliance, not the PCI council.
A copy of the PCI DSS is available here.
It’s a matter of following the 12 requirements in the standard, working with your acquiring bank and using the tools offered through the Council. Remember that PCI DSS compliance is an ongoing process, not a one-time event. You’ll need to continuously assess your operations, fix any vulnerabilities that are identified, and make the required reports to the acquiring bank and card brands you do business with.
Details are available here.
In security terms, it means that your business adheres to the PCI DSS requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. In operational terms, it means that you are playing your role to make sure your customers’ payment card data is being kept safe throughout every transaction, and that they – and you – can have confidence that they’re protected against the pain and cost of data breaches.