nGuard

----

Speak to An Expert

Solutions / Compliance / PCI Compliance

PCI Compliance

nGuard takes the complexity out of PCI compliance. We help our clients navigate the requirements and determine the most cost effective approach to reach their compliance goals.

Solutions
Speak to an Expert

Customized PCI services to fit your company’s needs

PCI Solutions

Strategic PCI Assessment

Focused on establishing the PCI scope of your environment and identifying any gaps preventing your PCI compliance.

PCI Scope Analysis

Appropriate for Level 1-4 Merchants, as well as Service Providers.

  • Provides a streamlined analysis methodology to help clients identify and/or reduce their Cardholder Data Environment (CDE), thus reducing compliance requirements.
  • Reduces overall costs and speeds up compliance with PCI.
  • Performed by a Qualified Security Assessor (QSA).

PCI QSA Onsite Assessment

Required for Level 1 Merchants and Service Providers and appropriate for Level 2 Merchants.

  • Provides official annual onsite assessments by a Qualified Security Assessor (QSA).
  • Provides mandatory PCI/DSS deliverables from a QSA:
    • Report on Compliance (ROC)
    • Attestation of Compliance (AOC)
    • Compensating Controls Worksheet
  • Provides nGuard deliverable documentation and tools to accurately communicate findings and help to remediate them.
  • Suitable for both the PCI Readiness Audit and the formal PCI Audit in nGuard’s PCI Compliance Methodology.

PCI Strategic Security Assessment

Appropriate for Level 2-4 Merchants or Level 2 Service Providers that do not require the more extensive QSA Onsite Assessment.

  • Provides an annual assessment by a Qualified Security Assessor (QSA) company.
  • Provides the following deliverables:
    • Mandatory PCI/DSS Self-Assessment Questionnaire (SAQ) accurately completed by a PCI QSA company.
    • nGuard deliverable documentation and remediation tools:
      • Suitable for both the PCI Readiness Audit (Step 2) and the formal PCI Audit (Step 4) in nGuard’s PCI Compliance Methodology.
      • Performed by a Qualified Security Assessor (QSA).

Tactical Assessment Services

PCI mandates tactical assessments to discover and exploit vulnerabilities in your Cardholder Data Environment (CDE). These tactical PCI assessments are sometimes called vulnerability assessments, penetration tests, or ethical hacking.

  • External Penetration Testing
  • Internal Penetration Testing
  • Vulnerability Management
  • Web Application Penetration Testing
  • API Penetration Testing
  • Console Auditing
  • Wireless LAN Penetration Testing

PCI Remediation

If your IT staff is 100% utilized, or possibly doesn’t have all the needed skill sets to perform the remediation, nGuard can quickly help address your issues. In addition, you will be better prepared for future audits. Remediation activities customized for each client can include:

  • Patch Remediation
  • Policy & Procedure Development
  • Policy & Procedure Maintenance
  • Incident Response
  • Security Event Management as a Managed Service
  • Vulnerability Management
  • Windows Group Policy Remediation
  • Database Remediation
  • Perimeter Security Design Remediation
  • Wireless Security Design Remediation
  • Security Awareness Training

Managed Segmentation Validation

Segmentation is an essential control in limiting scope for PCI & other GRC compliance obligations. By conducting regular scans from business networks against your payment card data environments, nGuard helps your organization to ensure that segmentation is properly implemented and in-scope systems are minimized.

Learn More

PCI Compliance for any environment setup

As a veteran PCI Assessor since 2008, nGuard is a Certified PCI Qualified Security Assessor (QSA) delivering assessments for well over a decade.

Merchant

Merchants that process, transmit and store credit card data in a cardholder data environment (CDE).

Service Provider

Service Providers that deliver services inside of their clients’ CDE.

Hybrid Environments

Hybrid Environments that are both merchant and service provider

Certifications

Security Resources from nGuard

“nGuard has been a proven cybersecurity partner with us for over five years that understands our industry.”

— Joe Warling, Randolph Electric Membership Corporation

“nGuard not only does a thorough pen test, their remediation recommendations and tracking tool was a big help in addressing issues.”

— Allan Patek, Executive Director, Wisconsin Insurance Security Fund

“nGuard’s expertise in cybersecurity, their professionalism and flexibility is the reason why we hire them year after year.”

— Frank M. Furnari, Business Systems Developer, NJCRIB (New Jersey Compensation Rating & Inspection Bureau)

“The staff at nGuard are top-notch cybersecurity professionals. I find their knowledge, guidance, and expertise very helpful during our annual pen tests.”

— David Schultheis, IT Manager, Nine Network of Public Media

“nGuard’s cybersecurity and PCI expertise has been instrumental in helping us improve our cybersecurity posture.”

— Mark Krawczyk, Director of Information Privacy, Purpose Financial

“We have trusted nGuard as our primary cybersecurity consultants for 20 years. Our continued choice of and reliance on nGuard year after year is a testament to the professionalism, expertise, and exemplary service that we continue to experience.”

— Jeremy Noble, VP, Information Services, Atlantic Telephone Membership Corporation

“I have used several other large assessors in the past and I recommend nGuard above all others.”

— Scotty Westbrook, IT Director, Sampson Bladen Oil Company

“Through our long-term partnership with nGuard, we gain valuable insight from their advanced cyber-security tests.”

— Lynn Sturkie, Director of Technology Services, Lexington County

Speak to a security expert

Let us help you begin to reach your security goals today.