Payment Card Industry (PCI) Compliance
Contextual Security is a PCI Qualified Security Assessor Company (QSAC) recognized by the PCI Security Standards Council. We provide a full suite of services to assist our clients in meeting and maintaining PCI compliance at all levels. Our QSAs, who are all dedicated employees (never subcontracted), have extensive experience working with a variety of organizations of all sizes. Our clients include large retailers, ecommerce organizations, service providers, energy cooperatives and others.
Whether you are new to the PCI DSS process, need help completing a Self-Assessment Questionnaire (SAQ) or are required to go through a third-party audit, Contextual Security is your trusted partner.
Contextual Security offers highly trained QSAs, deep roots in PCI compliance and a proprietary platform that gives you unique insight into your organization’s security and compliance initiatives.
Our illumino platform allows you to have 24/7 visibility into the audit process. illumino was developed out of a need to eliminate the frustrations our customers have experienced during the audit process where issues or gaps in compliance were not communicated effectively. The illumino platform gives organizations the ability to quickly identify the status (Compliant, Not Compliant, Remediating, etc.) of each control/sub-control within the PCI DSS. By making this information readily available, there are no surprises.
We encourage our clients to stay engaged with our QSAs on a regular basis (e.g. monthly, bi-weekly, weekly calls) throughout the audit. This constant communication reduces any last-minute compliance “gotchas” that can arise.
Contextual Security also doesn’t come onsite for a week for an initial review, then disappear for three months before re-engaging. That is a recipe for disaster. We stay involved throughout the year to help you meet your organization’s goals.
We are your trusted security and compliance partner. At Contextual Security, Solid Security Begins With Knowing. Excels by Doing.
Having used different IT GRC products in the past, we feel Contextual Security's “illumino” has allowed us to better organize and simplify the numerous compliance controls along with roles and responsibilities to better organize and complete our audit requirements. With its any access platform, we can use this data anywhere-anytime to provide scheduled controls and evidence of those in a central tool, making us more consistent and productive. The fact we no longer wait to see reports and results or audits – now they are available as they are completed, almost in “real time”. The result is a less stressful completion and final delivery of Reports on Compliance, without the anxiety of not knowing or feeling incomplete. It’s refreshing to use a product that is built and understood by a team that not simply understands compliance, but is active and experts in security testing. I no longer dwell or doubt our ROC date goals, because of Contextual Security and 'Illumino'.
Due to numerous high-profile data breaches, the board of directors of a large non-profit hospital became concerned about how they handle credit cards. After some internal discussions, hospital employees concluded that the hospital’s systems were adequately protected; however, their board insisted that they also undergo an audit. That’s when the hospital started taking a closer look at what their systems were doing and is also when they discovered that there’s more to their systems and business processes than they originally understood. In addition, there were already projects underway that would impact the network architecture and could have a significant impact on compliance objectives if there was a lack of proper consideration given for the intricacies of PCI compliance. Therefore, the hospital sought expert counsel from outside professionals who operate in payment card compliance. Through a collaborative effort between hospital executives, various departments of their operations staff, and third-party vendors, Contextual Security Solutions was able to effectively identify their compliance goals and suggest remediation activities that greatly reduced the hospital’s PCI scope, costs, and risks. As the hospital’s technology environment continues to evolve, Contextual Security Solutions continues to provide expert advice to ensure the hospital is adequately protected and compliant with the latest PCI standards. The hospital has made national headlines hundreds of times over the years for the miracles and accomplishments their doctors and patients achieve. It’s a true testament to how this hospital desires to operate, and we’re not only proud that none of this national attention has been the result of a payment card data breach, we’re committed to keeping it that way!
The Contextual Security Team was great to work with. Their plan of action was very thorough and reporting very detailed, which provided us with suggestions on how to address areas of concern. I feel that we made the right decision choosing Contextual Security.