
TMCNet: Coalfire Announces PCI Level 2 Merchant Support Program

[March 29, 2012]


New MasterCard Site Data Protection rules take effect June 30, 2012 catching many Level 2 merchants unprepared

Louisville, Colo. – (March 29, 2012) – According to the rules set forth by the major credit card brands and the Payment Card Industry Security Standards Council, all merchants that store, process or transmit cardholder data must be PCI compliant. On June 30, 2012, the process for validating compliance via a Self-Assessment becomes significantly more rigorous for MasterCard’s Level 2 merchants: Self-Assessments must be completed by employees that have attended PCI SSC Internal Security Assessor (ISA) training and have passed the associated accreditation program annually.

“MasterCard’s guidelines were first published in 2009, but many merchants have yet to send employees to ISA training. And even if they have, company officers may not want to sign their name to a Self-Assessment report developed solely by a rookie ISA,” said Kurt Hagerman, Coalfire’s PCI practice leader. “The ISA training program – and by extension, an internally-led PCI attestation – is a great strategy for many merchants. But the program isn’t a shortcut to validation. All the PCI 2.0 requirements still apply, and merchants still need a fully-documented, evidence-backed report to protect themselves.”

To help those merchants, Coalfire has developed a “PCI Level 2 Merchant Support Program”. There are four elements to the program:

- Free use of Navis Rapid SAQ, a cloud-based solution for completing and maintaining a Self-Assessment Questionnaire.
- Discounts on:
  - Navis Scan Complete, Coalfire’s subscription service for internal and external vulnerability scans (as required to meet PCI requirement 11.2)
  - Internal and External Penetration tests (as required to meet PCI requirement 11.3)
- A Gap Analysis program, led by a Coalfire Qualified Security Assessor, designed to jump-start an ISA-led compliance validation effort.
- An On-site Assessment by a Coalfire QSA, leading to an auditor-signed Report on Compliance. Merchants may use a Coalfire ROC as an alternative to an ISA-led validation.

This program is available to anyone who can demonstrate that they have been classified by their processors as a Level 2 merchant.

According to MasterCard, a Level 2 merchant is:

- Any merchant with more than one million but less than or equal to six million total combined MasterCard and Maestro transactions annually, or
- Any merchant meeting the Level 2 criteria of Visa

Rick Dakin, Coalfire’s CEO and chief security strategist, adds, “There are thousands of Level 2 merchants in the US alone, and many of those will be asked for an ISA-signed SAQ or a report by an independent assessor like Coalfire. As the industry’s leading independent QSA, we know how much work is required to do an accurate assessment. That’s why we developed this program. We want to help them get more secure and avoid whatever fines and penalties banks might impose for non-compliance.”

For further information click here.

About Coalfire

Coalfire is a leading, independent information technology Governance, Risk and Compliance (IT GRC) firm that provides IT audit, risk assessment and compliance management solutions. Founded in 2001, Coalfire has offices in Dallas, Denver, Los Angeles, New York and Seattle and completes thousands of projects annually in retail, financial services, healthcare, government and utilities. Coalfire’s solutions are adapted to requirements under emerging data privacy legislation, the PCI DSS, GLBA, FFIEC, HIPAA/HITECH, NERC CIP, Sarbanes-Oxley and FISMA. For more information, visit www.coalfire.com.
