PCI DSS is the payment card industry security requirement for entities that store, process or transmit cardholder data, and has been endorsed by all the major card brands â Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB.
As a payment gateway provider for hotels and the hospitality industry, DerbySoft has engaged Trustwave to provide guidance on securing their payment environment and validating PCI DSS compliance. They have enrolled in Trustwaveâs on-demand compliance management solution, TrustKeeperÂ® to access the necessary tools to support on-going compliance such as quarterly network vulnerability scans. In addition, Trustwave will perform an internal penetration test to ensure adequate controls are properly in place for any person with access to the internal corporate LAN/WAN environment.
âMis-configured internal networks lend themselves to external attacks,â says Feng Ou, CTO at DerbySoft. âWe are working with Trustwave to secure our entire environment to prevent any malicious attacks and gain greater clarity into corporate vulnerabilities while also validating our compliance.â
âTrustwave has recently found that businesses in the hospitality industry share common security deficiencies that contribute to the compromise of payment card data, such as the storage of magnetic stripe data, weak passwords and insecure remote access applications,â says Robert J. McCullen, chairman and CEO of Trustwave. âDerbySoft is taking a great step differentiating itself as a provider of secure and compliant solutions. Users of their technology will rest assured knowing that DerbySoft understands the importance of payment card security.â
âDerbySoft is a leader and deserves recognition for their proactive approach to protecting cardholder data,â says Sophia Chen, director of Northern Asia Pacific for Trustwave. âTrustwaveâs internal penetration test will provide their organization greater insight into their network environment, assessing each security layer and ensuring DerbySoft has implemented the proper security controls to protect themselves from external exploits.â