Services

New to PCI?  Don’t panic!  We can guide you through the whole process. Already started with your PCI DSS work but confused as to next steps? Whatever stage you are at, Cobleas can support you on your journey to compliance.

With a track record of delivering to organisations of all sizes in the UK and Europe, our team knows exactly the sort of challenges that clients can face. This extensive experience allows us to give you practical and pragmatic guidance, whatever the size of your organisation. You, your systems and infrastructure are unique. This will always be reflected in the way we approach your compliance project.

 

Scope analysis and reduction: We will identify any problems with the security of cardholder data in your environment and find cost-effective and robust solutions. Wherever possible we aim to reduce the scope of your compliance. This cuts your risk and the need for remediation, making it easier to achieve and maintain compliance without compromising on security. Doing this early in the process saves time, effort and money. It sounds logical, but many organisations only really look at their environment at the remediation stage, and then find they’ve spent time analysing and fixing things that don’t need to be in scope!

Cardholder Data Discovery: You can’t protect what you don’t know about. Cobleas has spearheaded the creation of a Cardholder Data Discovery Research Group within the Security Standards Council. We bring that wealth of experience to our clients. Using innovative discovery techniques and a range of cutting edge tools, all underpinned with our years of experience, we will help you find those unrevealed cardholder data sources that you may not be aware of and that must be addressed before assessment.

Project Support: Get advice from an experienced UK-based consultant only when you need it.  Whether you need face-to-face assistance or telephone and email support we offer a bespoke service at a sensible price. This approach has proven cost-effective for clients while keeping your programme advancing smoothly.  Our experienced and professional staff can adapt to the specific needs of a client and their compliance programme with the minimum of fuss. Whatever stage you’re at in your compliance efforts, know that cost-effective help and guidance are at hand.

Gap analysis and Remediation: With considerable experience in implementing remediation solutions for organisations, Cobleas will bring knowledge, understanding and capability to build real solutions to any issues that you face in your compliance programme. Your dedicated security consultant will work with you as long as you need and provide pragmatic solutions. This is often done in conjunction with your acquirer so they can see your roadmap for positive progress towards compliance. We will provide (or review) your remediation project plan, and whether you need specialist advice on compensating controls or assistance with proposed architecture changes, we can help.

Policies Framework: Information security policies tailored to your needs. Over 60% of compliance with the PCI DSS relates to policy, standards, process, procedure, configuration and documentation. Our team has built a policy framework to get your compliance effort on track. Cobleas will work with you to put the framework in place and help you make it operational within your business.

Assessment Support: Whether you are able to self-assess or need to work with a QSA company, we can help. After years in the business as QSAs ourselves, we know that not all QSA companies are the same and it can sometimes be difficult to find the right one for your needs. We can liaise with our trusted partner network of QSA companies on your behalf to find the right one to assess your environment against the PCI DSS.

Training:  Information security is sometimes seen as “just an IT problem” rather than a challenge that an entire organisation must address. Positive communication and training is often the answer.  We have delivered bespoke compliance training to many clients including professional bodies, academic institutions and private sector firms. We can help your staff learn the importance of information security in general and how to handle and protect cardholder data in particular.

 

Whatever the challenges you face, contact us on 0845 388 1124 for a no-obligation chat about how we can help.
