NETconsent enables organisations to implement the controls prescribed by the PCI DSS, which are mandatory for all entities that process, store or transmit cardholder data. The benefits are maintaining safe harbour and avoiding potential liability in the event of fraud associated with theft of cardholder data.
Credit card fraud has major ramifications for both the cardholder and the card-handling company. For the consumer, there is the possibility of identity theft and damage to credit score, whilst the merchant risks catastrophic loss of consumer confidence.
The security standard now stands at a set of twelve high-level requirements, encompassing technical demands and human intervention. At each level there is the need for the appropriate personnel to understand and adhere to pertinent policies. This is most specific within Requirement 12, which deals solely with the maintenance of security policies for all members of staff. NETconsent targets the relevant user base with the relevant policies, tracking who has read and accepted each policy and providing automated testing to confirm user understanding. NETconsent can even prevent users accessing their account if they fail to comply.
Since its official inception in 2004, the PCI DSS has evolved in order to combat new and existing threats within the changing commercial and technological climate. The NETconsent Compliance Suite has the ability to adapt alongside the standard, disseminating changes to policies as well as providing access to the full documents.
Reducing risk is also a key benefit that NETconsent delivers, ensuring the right people have the right information to hand, as and when required. It demonstrates PCI DSS compliance via a comprehensive audit trail and provides up-to-date reporting on who has read what and when. It consolidates policies and updates, negating the need for a large training expenditure. In short, it unites policy with technology.
PCI DSS compliance is mandatory and non-adherence could result in heavy fines. NETconsent ensures that all relevant individuals within an organisation are PCI DSS policy proficient, implementing compliance at every level.
NETconsent also reduces operational costs by streamlining the administration of policy documents and reducing the effort expended on meeting annual PCI training requirements.
The PCI DSS specifies 12 high-level requirements for compliance, organised into six logically related groups: