INFORMATION SECURITY CASE STUDY
Our customer, high end, San Francisco based apparel company, decided to open their first online store in order to increase its customer base. Since 99 percent of the online payments involve credit cards, the company needed to ensure they would pass PCI Audits, and that their customer’s information is secure from unauthorized access.
Scope of work
- Audit network access and controls
- Assess host security and encryption
- Remediate violations to PCI DSS
- Prepare PCI Audit documentation
Our team had followed the shopping flow which pointed to the network devices and servers involved in the credit card payment process. By performing penetration testing, we were able to identify vulnerabilities of all participating systems. Subsequently, we have created a plan to remediate PCI violations and vulnerabilities without major interruptions to the customer’s online store.
The remediation plan was deployed in two phases – the first phase involved patching and vulnerability mitigation, and the second, remediation of all PCI violations as per PCI standards. Following successful remediation implementation, our team completed all essential PCI Audit documents. As a result the customer passed the PCI Audit and maintained its sales trends. There were no interruptions to the sales process, business flow, and no impact to the customer online experience.
Information security success stories
Let’s give your competitors something to worry about