PCI deems CCI payment network impenetrable
IRON MOUNTAIN, Mich. October 15, 2015 – CCI Systems is pleased to announce its completion of the Level 1 Service Provider PCI Compliance Audit. The Payment Card Industry Security Standard (PCI DSS) is a set of requirements designed to ensure that all companies that process, store or transmit credit card information maintain a secure environment.
CCI has numerous customers including financial, insurance and hospitality entities that utilize CCI’s Voice Services to conduct business with end user customers. As part of those transactions, credit card data may be provided from one entity to the other which requires that those voice services be Level 1 Service Provider PCI Compliant.
Each year, CCI is required to retain the services of a duly certified Qualified Security Assessor to audit the policies, procedures, and network security associated with CCIs voice network. This audit includes physical security audits, network penetration testing and attempts to hack the CCI voice network from multiple sources and policy and procedure reviews and modification to ensure that critical and sensitive information is not released to entities that could attempt to penetrate the network for nefarious purposes. The process takes approximately 4 to 6 months to complete. Entities that are not PCI Compliant are not allowed to process credit card transactions or store credit card data. Fines associated with non-compliance for small breaches can be $5000 to $100,000 per month. Large data breach fines can start with $25 million up to $500 million.
In addition to yearly certification, CCI also undergoes monthly penetration testing by an independent third party security assessor to ensure the network remains Level 1 Service Provider PCI Compliant.
About CCI Systems
CCI Systems, headquartered in Iron Mountain, Michigan, offers start-to-finish solutions for all kinds of communications networks, serving Telco, MSO and cable operators as well as hotels, education and healthcare institutions, businesses and municipalities. With more than 50 years of experience in network engineering, construction and integration, CCI guides clients to the right choices for today while making sure they’re prepared for tomorrow. Learn more at www.ccisystems.com.
ABOUT PCI SECURITY STANDARDS COUNCIL
The PCI Security Standards Council is a global forum that is responsible for the development, management, education, and awareness of the PCI Data Security Standard (PCI DSS) and other standards that increase payment data security.