PCI compliance

RUNWAY TO PCI COMPLIANCE
We knocked out a PCI assessment, tracking cardholder data across Atlantic Aviation's entire system. We then exposed them to a strategy for achieving PCI compliance.

CLIENT: ATLANTIC AVIATION (AA)


PROJECT:

PCI Compliance

STRATEGIES:

DevOps, Digital Transformation

TECHNOLOGIES:

Discovery, Compliance, Risk Optimization, Infrastructure-as-a-Service

FACTS

L

AA stores customer credit card information

L

To maintain status with credit card vendors AA must upgrade infrastructure and software

L

PCI DSS compliance is now required by all major credit card vendors

ISSUES

L

AA lacked policies, procedures, and documentation for handling customer credit card data

L

Some customer data was at risk to AA employees

L

In-house custom software could perform unauthorized access to sensitive data

L

Company infrastructure needed updating to handle credit card data restrictions

RESPONSE

L

Create detailed documentation and diagrams of current software and hardware

L

Partnered with the best PCI security analyst in the southwest

L

Modeled and presented 2 different software and infrastructure options for bringing systems into compliance

L

Worked with in-house personnel to achieve PCI compliance

L

Create compliance documentation

RESULT

L

All major credit card companies certified AA to be PCI compliance

L

Saved AA thousands of dollars in unnecessary software updates and infrastructure costs