UDTSecure™ Consultants Perform PCI DSS Compliance Assessments: Retail Industry

The customer was not sure on the type of reporting forms to be submitted and had a number of deficiencies not addressed from their prior assessment.

The Customer

Large retail organization with $2.2 billion in annual revenue and more than 132 locations across the U.S. and Canada required assistance completing their annual PCI DSS compliance assessments.

The Challenge

The customer was not sure on the type of reporting forms to be submitted and had a number of deficiencies not addressed from their prior assessment. The expanding business, in conjunction with the evolving PCI DSS controls, left significant gaps in the organization’s ability to achieve compliance. The business challenges included the following:

Confirming scope of Cardholder Data Environment
Identifying gaps in compliance with new PCI DSS 3.2 standards
Maintaining compliance for their 132+ retail locations without internal IT staff
Developing actionable remediation strategy to meet compliance

The UDTSecure™ Solution

UDTSecure proposed a PCI DSS 3.2 Gap Assessment to help the Customer confirm what was in place, and what problems they would need to remediate in order to achieve compliance. The PCI DSS Gap Assessment confirmed the correct PCI merchant level for which the chain should file, and also identified that proper segmentation could minimize the scope of their cardholder data environment, saving them tens of thousands of dollars and ongoing audit and testing costs.

Through PCI Managed Service agreement, our client is able to outsource ongoing requirements for PCI compliance to us, including:

Quarterly ASV and internal vulnerability scans
Wireless testing
Annual penetration testing
Assistance in completing self-assessment questionnaires
Real-time monitoring of firewall logs
Outsourced security operations team for “as needed” incident response

The Benefits

The UDTSecure PCI Solution helped the Customer realize the following business benefits:

Cardholder environment minimized through proper segmentation
Managed services that helps provide required quarterly and annual PCI testing
UDTSecure removed the Customer’s monitoring burden through outsourcing activities they were not equipped to handle by internal resources and technology

To learn more about UDTSecure’s PCI DSS compliance assessments, please call 954-308-5100 today!

Download Now!

Accomplish More With UDT

Get your custom solution in cybersecurity, lifecycle management, digital transformation and managed IT services. Connect with our team today.

More to explore

Crafting a Futureproof 1:1 Device Strategy for School Districts

In the evolving landscape of Education Technology, crafting a futureproof 1:1 device strategy is crucial. This strategy should link every student, teacher, and administrator experience with specific device specifications. The integration of educational apps into the curriculum can significantly enhance the learning environment. These apps, tailored to the needs of students, can provide interactive content, fostering a dynamic learning experience.

Optimizing Your K12 Tech Investments: Funding 1:1 Device Programs

This blog will guide school districts grappling with the financial and resource demands of implementing a successful 1:1 device program amid ongoing challenges of budget constraints and competing priorities. Our guided workbook, created in partnership with Intel, provides further support with personalized roadmap on “Pathways to Innovation: Building a Sustainable Digital Learning Environment”.

K12 Cybersecurity: How to Secure 1:1 Devices in Your School District

This blog post delves into the importance of security, cybersecurity, and data privacy in school districts implementing 1:1 device initiatives. It offers basic steps for evaluating, planning, and executing a security strategy. Our guided workbook, created in partnership with Intel, provides a personalized roadmap on “Pathways to Innovation: Building a Sustainable Digital Learning Environment”.

Lost & Stolen Devices are a Serious Data Security Threat—Here’s Why

Since the pandemic, remote and hybrid work has become the norm. While mobile devices and remote workstations have empowered great flexibility, it has also led to an increase in data security problems due to lost, misplaced, or stolen devices. Find out how remote and hybrid setups are contributing to this problem and how to protect yourself and your organization.

Ransomware Gangs Adding Pressure with ‘Swatting’ Attacks—Here’s What You Need to Know

Ransomware gangs are implementing new extortion tactics to encourage victims to pay up. Swatting is becoming an increasingly popular tactic. It involves calling law enforcement to falsely report a serious, in-progress crime triggering an extreme response such as an armed raid from the SWAT team. Explore how cybercriminals are using this tactic and what you can do to prevent it from happening to you.

Smishing Attacks are on the Rise—Here’s How To Keep Your Data Safe

Smishing attacks are on the rise, posing a significant threat to data security. Originating from a blend of SMS and Phishing, these attacks have seen a drastic increase since 2020. The widespread use of smishing attacks has persisted, with a lack of awareness being a major issue. Many view these as simple spam messages, unaware of the danger they pose. This blog aims to raise awareness about smishing and provide actionable insights to protect yourself and your organization.