PCI DSS Compliance

We support your PCI compliance efforts.

Our goal is to reduce the headaches our retail and restaurant customers experience when maintaining their Payment Card Industry Data Security Standard (PCI DSS) compliance. We are continually improving our systems and services to provide the most secure networks and to support our clients’ compliance audits.

PCI-Compliant Firewall

Our Merchant Gateway and supporting services meet every PCI-DSS firewall requirement that applies to service providers and includes the following PCI-required security tools to support your ongoing compliance efforts:

Security Tools for Compliance

• Automated external vulnerability scans by an approved scanning vendor (ASV) with reporting
• Internal vulnerability scans with reporting of PCI-related events
• Dynamically generated site network diagrams
• Network segmentation to protect your card data environment
• Web filtering with policy creation to screen and block malicious web content
• Policy builder so you can control your network policies
• PCI-compliant logging and storage of network traffic data

Network Segmentation

As retailers innovate with new digital technologies, more IP-enabled devices connect to the store network. Each new device creates an opportunity for bad actors to enter your network and make their way to your card data environment (CDE).

Network segmentation sections your network into smaller subnetworks that prevent communication between the segments and monitors and blocks unauthorized access to the CDE.

Segmentation is an important security practice for our restaurant and retail clients. We design your network to protect your cardholder data and reduce PCI scope, saving your team time, money, and effort.

Reduce Compliance Costs

When you use Acumera services, your auditor will accept our compliance as though it were your own. Our perimeter security services alone reduce a considerable amount of your compliance scope.

In support of your annual PCI-compliance audits, we supply your Qualified Security Assessor (QSA) with our Attestation of Compliance (AOC) and our Report on Compliance (ROC), so you can demonstrate compliance in critical areas of your assessment, reducing the time and energy the audit process consumes.

Acumera is a PCI-Compliant Service Provider

We are listed on both the MasterCard and Visa registries of PCI-compliant service providers.

We are also a participating organization on the PCI Security Standards Council.

Acumera helps you comply in areas other managed services providers don’t. Contact us to find out more.