Security and compliance company, RandomStorm, has achieved global Approved Scanning Vendor status from the Payment Card Industry (PCI) Security Standards Council for the seventh successive year.
Formed by Visa, Mastercard, American Express, JCB and Discover Financial Services, the Payment Card Industry Security Standards Council was formed to devise international security guidelines for any company that processes, stores, or transmits customers’ payment card details. Merchants face financial penalties if they do not adhere to the guidelines and payment card security is subsequently affected by a breach within their network. Version 3.0 of the Payment Card Industry Data Security Standard (PCI DSS) was introduced in November 2013.
To preserve their ability to process online payments, merchants must conduct regular security audits of their payment infrastructure, to test that customers’ payment card details are adequately protected from fraud and theft. Vulnerability scans of merchants’ internet facing environments must be carried out each quarter, and whenever there have been significant changes, by Approved Scanning Vendors (ASVs) that have been approved by the PCI Security Standards Council.
Commenting on RandomStorm’s renewed ASV certification, Andrew Mason, co-founder and Technical Director of RandomStorm said, “The latest version of PCI DSS recognises that the security status of a merchants’ network changes on a daily basis, owing to the cyber threat to payment card data. Quarterly audits are no longer enough. Section 11 recognises that network assets need to be continuously monitored and internal and external scans need to be performed after any significant change in the network and whenever a new risk to the card data environment is identified. Owing to the increasing number and complexity of threats, there is a greater need for merchants to call on professional organisations to assist them in maintaining the security of their card data environment.”
RandomStorm provides vulnerability scanning and intrusion detection products and penentration testing services to help companies to improve and continually maintain their security posture. The company is a CESG CHECK security consultancy and certified as a Qualified Security Assessor (QSA) and ASV by the Payment Card Industry Security Standards Council.
About RandomStorm
Please visit for further information.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.