Soteria can help organisations create an integrated layered defence strategy based on powerful standard SAP® security products that can be integrated with other market offerings such as firewalls and anti-virus. We can work with your organisation to define a bespoke security posture, or we can provide resources to implement your security policy as part of your ongoing security implementation. We provide experienced security consultants to help you achieve compliance with the most common security frameworks (PCI DSS, ISO 27000, NIST SP 800-53) and IT governance frameworks (CobiT 5).
PCI Compliance
Most e-commerce websites will use an external secure payment service firm such as Worldpay, Sagepay or PayPal for handling their payment card transactions. This simplifies certain aspects of payment card handling, but for PCI compliance, all touch points where card details may be communicated or transmitted need to be reviewed. This will touch IT systems at the OS, database, and application levels. PCI compliance requirements can also require changes to current business processes (e.g. the cessation of staff practices such as the recording of details on paper, and changes to telephone systems, including telephonic recording systems). Most firms will find that they may need to adopt new technology and alter working practices in order to achieve PCI compliance.