EMC Corp. has launched a consulting service designed to help prepare merchants to manage their payment-security needs, the Hopkington, Mass.-based security-technology company announced Dec. 15.
The new service will help companies to plan a strategy for achieving compliance with the Payment Card Industry Data Security Standard, to prepare companies for PCI-compliance assessments and to develop plans for managing breaches and their aftereffects, Branden Williams, EMC director of security consulting, tells PaymentsSource.
“Merchants are asking us for this,” Williams says, noting companies tend to want to bring in a partner that does not have a vested interest in their compliance.
As with many businesses, merchants have compliance issues that extend beyond payments, he says. There may be health-data issues or state data-breach laws to contend with, Williams notes.
EMC’s service will examine a company’s infrastructure for its compliance with PCI standards and other measures, Williams says. The readiness-assessment component helps merchants “understand how they stack up in a PCI assessment,” he says.
“By the time they’re ready for the assessor to start they’ll know if they’re compliant and what work they need to complete,” Williams says.
And in the event of a breach, EMC’s third leg of consulting offers post-breach forensic assistance and guideline development to lessen the likelihood of a similar breach happening again, William says. “It’s less about creating a program specifically for PCI compliance, but about a compliance function within the company,” he says.
EMC would not disclose pricing for the new service, but the company will calculate the number of business processes, such as authorization, settlement and marketing, into the fees, Williams says.
What do you think about this? Send us your feedback. Click Here.