The PCI Security Council is turning its attention more and more to smaller online businesses. Companies that the Council terms Level 4 process fewer than 20,000 transactions per year, yet as a whole they represent the vast majority of online credit card payment transactions. Many lack knowledge of the technology behind web hosting, which often leaves them more vulnerable to security breaches than larger firms.
At present, in order to show compliance with the PCI rules, small companies need to complete a Self-Assessment Questionnaire and have their online card processing systems scanned once per quarter. A payments processor may, however, require a stricter scanning schedule, possibly once a month.
Small online merchants who do not store credit card details but process payments through a third party such as PayPal need only fill in Version A of the Self-Assessment Questionnaire. Since they represent no risk of a security breach, this should take only minutes to fill in.
The other version of the questionnaire is more complicated and requires information about firewalls, scanners, encryption and storage of data, anti-virus software, and security policies regarding personnel.
If any of the listed requirements are not currently met, a date must be set by which they will be fulfilled.
As well as filling in and returning the questionnaire, a small company must undergo a scan, which is free, by an Approved Scanning Vendor (ASV). The ASV will report on any issues which need fixing in order to achieve compliance. Re-testing may then take place around 2 weeks after the initial scan to check that the remediation has been put in place.
If there are a great number of issues which need fixing, it may be wise to enlist the help of a Qualified Security Assessor.
