Testimonials

“Ferrum’s team is part of my company’s family – they know what’s best for my business now and for the future. All I have to do is pick up the phone and I know they’re here to help me with whatever I need. Our systems used to go down constantly before Ferrum came in. Now, thanks to Ferrum, we receive a monthly report showing us we made the right investment – increased up time and no more days of staff sitting around drinking coffee because our systems were off-line. They usually know about a problem and have it fixed before we even notice a blip – who can argue with that!”
- E. Swanson, Manufacturing Company

“One word comes to mind when describing Ferrum’s team – excellent! I’ve never worked with a more professional IT firm and look forward to a long lasting partnership – they truly are a part of my organization. I don’t know much about IT, but I don’t have to – my very own IT department is a phone call away.”
– R. Stephenson, Image Bike Works, Inc.

The Payment Card Industry Data Security Standard and Ferrum

Credit cards are widespread and their use for online payments is increasing dramatically. However this increase has also brought about a growth in credit card fraud. In March 2007, TJX Companies Inc. disclosed that at least 45.6 million credit and debit card numbers were stolen by hackers who broke into its network. In a bid to tighten up security and prevent similar breaches to that experienced by TJX, all businesses handling credit/debit card data now need to comply with strict security standards drawn up by the world’s major credit card companies including VISA and MasterCard. These requirements are known as the Payment Card Industry Data Security Standard (PCI DSS), and to date these govern all the payment channels including retail, mail orders, telephone orders and e-commerce.

Since companies are constantly at risk of losing sensitive cardholder data, which could result in fines, legal action and bad publicity, achieving compliance with the PCI DSS should be high on the agenda of companies who store, transmit or process credit card data. Furthermore, PCI DSS compliance needs to be achieved by September, 2007 – this is the deadline posed by credit card companies. Ferrum's Service Plans offer such businesses a number of solutions to help them in their efforts to achieve PCI DSS. Ferrum offers complete event log and network vulnerability management that includes vulnerability scanning, patch management and network auditing allowing you to meet the compliance deadline.

How to achieve PCI DSS compliance

The PCI DSS framework is divided into 12 security requirements which can be grouped into three main areas:

  • Collection and storage of all log data so that it is available for analysis
  • Reporting on all activity so as to be able to prove compliance on the spot
  • Monitoring and alerting whereby administrators can constantly monitor access and usage of data and be warned of problems immediately.

As from September 30, 2007 all businesses handling cardholder data – irrespective of size – have to be compliant with strict security standards drawn up by the world’s major credit card companies. This includes:

Banks
Educational institutions
Financial services
Healthcare
Hotels and restaurants
Gas (refueling) stations
Government
Insurance companies
Manufacturing
Online retailers
Post offices
Retail
Services
Technology
And many more! 

Check out our services and see how we can help your company become PCI DSS compliant today!

Home | About Us | IT Services | Service Plans | Why Use Us | Our Solutions | FAQs | Contact Us
Site Map | Privacy Policy | Careers