The PCI Council recently released new guidance and standards concerning segmentation. This is excellent guidance and Omega recommends you read the entire document, but for purposes of this blog we’d like to highlight some interesting bits from the guidance below:
The guidance goes on to provide example segmentation implementations with recommendations.
All of that is great guidance for a person technical enough to understand it, but not all merchants employ someone technical enough to understand it and configure it properly. The guidance explains what must be done, but it doesn’t tell you how to do it on your equipment. Therein lies the elephant in the room. Without knowing more about your specific network and hardware, the guidance can’t spell out the how. Without the how, and without someone who understands how to apply it, the guidance doesn’t get implemented. With that in mind how can a merchant achieve the items recommended in the guidance?
That is where third party service providers come in. But don’t make the mistake of thinking all IT service providers understand security controls. Even an IT service provider may not be enough.
To be sure, hire a managed security services provider, and request an attestation of compliance with Payment Card Industry Data Security Standards (PCI DSS). Here is where Omega shines. Omega not only has a current PCI DSS AOC, Omega passes two QSA security audits a year. One is the Service Provider certification and the other is for Omega’s Data Center.
So make your life less stressful, schedule a call to learn more about Omega’s ground breaking approach by calling Peter Guidi now — 636-557-7777 x2451, or email Peter at firstname.lastname@example.org.