AO:Compliance Professional Service Offerings



Beyond our complimentary services, available to all members, there are many areas within the PCI Compliance realm where AccuCode can offer individual business problem-solving services, either directly or indirectly through our tremendous list of service partners. The entire list of service offerings is guided directly by PCI-DSS v1.2.1 requirements. The underlying goal is to give a retailer only what they need, and not bundle a package of services that they do not need. A short list of said PCI-DSS requirements is as follows:

  • PCI DSS Hardware Analysis
    An AO:Compliance Specialist will review your hardware environment, including POS, network, wireless, firewalls, etc., and provide a customized hardware solution plan to help you reach PCI compliance.

  • Network Diagram Review
    An AO:Compliance Specialist will review your current network diagram to help you to reduce risk (while reducing your PCI Compliance scope) and also to help you identify potential cost savings.

  • Wireless Security Review
    An AO:Compliance Specialist will review your current wireless security practices and provide recommendations to make sure you are conforming to current PCI Compliance standards.

  • Compliance Validation Service
    AO:Compliance has a number of self service compliance validation services for low volume merchants. Contact us to get the correct PCI-DSS SAQ (Self Assessment Questionnaire) and scan any external facing IP addresses with the click of a button.

  • Review of Scan Results
    An AO:Compliance expert can step you through the results of your scan and help you to decipher it, while informing you of what steps, if any, need to be done to satisfy the PCI Compliance requirements with a minimum of time and money.

  • Remediation of Out of Compliance Scan Results
    We realize that your profits come from doing what you do best, retail. You don’t have the expertise or time to stop what you are doing to satisfy the demands of PCI Compliance. AO:Compliance specialists have the knowledge and the expertise to do the remediation tasks you need quickly and as cost effectively as possible. By understanding the larger picture, we will work to incorporate any required modifications to your overall system and network architecture, not only to protect your business but to give it a sound growth path for the future.

  • Premium Policy and Procedure Construction
    At first glance, policy and procedure construction may seem like an easy section for the retailer to write up and file. Further research reveals more than 20 sub components on requirements, distribution, and reporting. With our experience and expertise, we can work closely with your team to analyze and create an effective policy work flow that not only keeps you in compliance but becomes a valuable tool to protect and grow your business.

  • Network Diagram Construction
    AO:Compliance specialists have the knowledge, skills and tools required to create accurate, PCI Compliance-approved network diagram documents. This is a clean but vital visual road map of your current architecture that can be used to minimize and segment any payment card data access to reduce your overall costs of becoming and maintaining PCI Compliance.

  • Network Security Site Survey
    Network security means ensuring that your computer network is safe from unauthorized use and access. AO:Compliance specialists bring their knowledge, skills and best of class tools to survey all aspects of your current network to reveal any potential vulnerabilities that could be used to access any part of your computer network. This includes both the wired and wireless segments of your system.

  • DLP Discover
    AO:Compliance has a Data Loss Prevention (DLP) solution to help you avoid the outflow of vulnerable [payment card] data. It is the only outbound content control system that gives merchants visibility into all insider risk, whether inadvertent or malicious, and helps secure the various vulnerabilities before something happens.

  • Penetration Testing
    AO:Compliance offers you the entire range of penetration related testing for PCI Compliance, from Internal Penetration Testing, to External Penetration Testing, to Wireless Penetration Testing on a wide array of technologies, such as 802.11 (Wi-Fi), application specific ZigBee, 900MHz networks, legacy FHSS technologies and 5.8GHz networks, as well as other technologies and systems.

  • Application Penetration Testing
    AO:Compliance can test both Web-based and thin or thick client applications against simulated attacks, producing a well defined correction process to close any security gaps discovered.

  • Application Source Code Review
    If you have some homegrown applications that are in-scope, AO:Compliance specialists can review the application, line by line, verify that the development process echoes the mandates within PCI DSS, and offer corrective options for areas that may fall outside of best practices.

  • Network Infrastructure Remediation
    AccuCode’s Professional Services division can successfully retool any sized network to meet the strict security demands of PCI DSS and lessen the PCI Compliance scope all at once. From a four computer network to a national multi location retail chain, there is no network size that we can’t handle.

  • Managed Security Event Log Monitoring
    AO:Compliance has a very sophisticated, hosted log monitoring solution that can satisfy PCI DSS (section 10), as well as Sarbanes-Oxley, HIPAA, GLBA, NERC and FISMA. The automated, on-demand reports and dashboard improve visibility into operations and security events, enabling organizations to improve investigation response time and validate that compliance threats have been remedied. AO:Compliance’s Event Log Monitoring can be scaled to perform real time scans, daily automated reviews or self service reviews.

  • Ongoing Protection Service (UTM - Unified Threat Management)
    With a single Unified Threat Management (UTM) appliance, AO:Compliance can provide firewall, intrusion prevention, anti-virus and VPN securities, supporting PCI DSS compliance for franchise or retail locations, or satellite offices. Additional protection services such as HA Configuration Deployment, Web Content Filtering, DMZ Segmenting and Site to Site VPN links are also available.

  • Ongoing Change Management Involvement
    AO:Compliance can offer offsite expert PCI Compliance guidance via regular involvement in your weekly change management meetings. We can offer acceptable change ideas and help direct you away from implementing changes that could potentially render your operation non compliant.

  • Enterprise Network Management Solution
    As an extension to Ongoing Change Management Involvement, AO:Compliance can subsidize the entire Change Management process and assume ownership of your entire network security practices, being the sole entity to accept and subsequently implement any changes to the PCI compliant and in-scope infrastructure.

  • Upgrading Out of Scope Hardware, Software or Firmware
    AccuCode’s success has been built on the strengths of its AccuCode Object solutions. One of our best is AO:Services, which has brought a new level of expertise and methodology to managing and executing rapid delivery software and hardware roll-outs. We have years of successful, on time, on budget roll-outs that span the scale from a few computer updates to multi-store, multi-state, and even multi-continent upgrades without ever missing a budget or time constraint. AO:Compliance membership has its privileges, as the entire armada of AO:Services is ready and available to facilitate a fast and cost effective deployment of any upgrades required.

  • Customized Business Process Construction of PCI DSS Best Practices
    We will work with your entire suite of existing solutions vendors, as well as their current business practices, to develop customized PCI DSS best practices business processes such as: policy construction, network re-scoping, security and encryption best practices, and long-term hardware and software upgrading, planning and implementation, to ensure the highest of securities at the lowest cost long term.

  • Professional PCI Compliance Education of Customer’s Designated PCI DSS Entity
    We will train your designated PCI Compliance staff to become your own in-house PCI experts.

  • Overall PCI DSS Business Processes Management, Scheduling, Implementation
    Few retailers have the luxury of creating and funding their own PCI Compliance department. PCI Compliance is a growing and constantly changing process. AccuCode is sensitive to this problem and is offering its AO:Compliance members the opportunity to effectively outsource their PCI Compliance staff for substantial savings over attempting to fund and manage it themselves. AO:Compliance specialists offer their expertise and can integrate and work with your team to successfully manage the entire PCI Compliance process so you can focus on what you do best: running your business.

  • Level 1 Report on Compliance Deliverable
    AO:Compliance can offer you a full on site QSA audit, delivering to you the Report on Compliance (ROC).

  • Wide Area Network ISP Security
    AccuCode has partnered with New Edge Networks and their Direct Connect Service to give you Internet Service and Wide Area Network (WAN) infrastructure with the advantage of private, redundant links to leading payment vendors such as First Data, Chase Paymentech and American Express. With direct transport of your point of sale (POS) traffic to your payment processors, you'll reduce transaction times to as little as two seconds and reduce overall payment card processing costs. New Edge Networks is fully PCI compliant, so you and your customers can be assured that card holder data is protected.

  • Card Compromise and Forensics
    Sometimes the unexpected happens. AccuCode has teamed up with the best in the business to provide immediate response to any identified breach or threat. AO:Compliance allows you access to the best in the business to investigate any event to help minimize the loss and get your business back to normal operation. Every issue is met with sensitivity and complete confidentiality with certified and experienced forensic experts.