
PCI DSS

PCI DSS is known for being one of the most granular and specific security standards in the market today. Addressing every domain of information security except BCP, PCI DSS aims to secure credit and debit card related information. It achieves this through a set of 6 goals, broken into 12 requirements and more than 300 sub-requirements to be implemented within the cardholder data environment. With a large number of organizations and people taking their money online, PCI DSS compliance reinforces the trust that your customers have in your network and technology infrastructure.

BUILD AND MAINTAIN A SECURE NETWORK
  • Requirement 1: Install and maintain a firewall configuration to protect cardholder data
  • Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
PROTECT CARDHOLDER DATA
  • Requirement 3: Protect stored cardholder data
  • Requirement 4: Encrypt transmission of cardholder data across open, public networks
MAINTAIN A VULNERABILITY MANAGEMENT PROGRAM
  • Requirement 5: Use and regularly update anti-virus software
  • Requirement 6: Develop and maintain secure systems and applications
IMPLEMENT STRONG ACCESS CONTROL MEASURES
  • Requirement 7: Restrict access to cardholder data by business need-to-know
  • Requirement 8: Assign a unique ID to each person with computer access
  • Requirement 9: Restrict physical access to cardholder data
REGULARLY MONITOR AND TEST NETWORKS
  • Requirement 10: Track and monitor all access to network resources and cardholder data
  • Requirement 11: Regularly test security systems and processes
MAINTAIN AN INFORMATION SECURITY POLICY
  • Requirement 12: Maintain a policy that addresses information security
We Analyse the PCI DSS Compliance of your Organization

PCI DSS compliance is not an overnight process; rather, it is the collaboration of numerous initiatives undertaken by various personnel within your organization, all working towards a common goal. In short, making PCI DSS compliance ultimately successful can sometimes take a monumental effort from everyone involved. So, where do you begin, what's needed of you and your organization, and where do you find the tools and resources for undertaking PCI DSS compliance? Outlined are key activities, deliverables, and milestones for ensuring your organization is on the right path for PCI DSS compliance.

The Nanjgel Solutions PCI DSS Gap Analysis is for organizations that want to measure current corporate information security practices against the PCI DSS. This service is relevant to organizations that are accepting or processing credit card transactions and want to gauge current information security controls and practices against the PCI DSS standard. The Gap Analysis is often the first step of a PCI DSS compliance project, and provides a roadmap for compliance with the PCI DSS standard. This service will typically involve a number of days onsite for Nanjgel Solutions to meet with the managers who are in charge of the PCI DSS program; key staff involved in network administration and cardholder systems; and the individuals responsible for company procedures and policies.

The following is a high-level overview of the Nanjgel Solutions PCI DSS Gap Analysis process:

Nanjgel Solutions is a leader in helping customers understand and maintain compliance with the PCI DSS requirements. Nanjgel Solutions provides customers innovative approaches to assessing their PCI DSS scope and implementing the necessary controls to meet and exceed the objectives of the PCI DSS standard.

After each Gap Analysis, Nanjgel Solutions delivers a detailed report outlining the following information:

  • High level review of the cardholder data environment
  • Identification of all current cardholder data processes and storage locations
  • Identification of areas where the client is fully compliant
  • Identification of areas where no solutions, processes or policies exist
  • Recommendations for next steps
  • Completed Self Assessment Questionnaire (SAQ)
  • Completed prioritized approach document