Continuous infrastructure security management and posture maintenance for a financial technology firm.

Company overview

A payment processing technology firm working with merchants in their payment processing goals by doing the heavy lifting of dealing with banks and securing the customer end.

Problem

A complicated cloud environment and staffing practice that is difficult to maintain tracking of security concerns. With a responsibility to get audited once per quarter as required by their QSA to maintain PCI compliance.

Solution

Our approach was to understand the hiring and employee process, the access provisioning and de-provisioning process, and all services used within their cloud environment.

Our team re-wrote policies to match their current processes, working with our client’s team to institute a cadence of access reviews and a well-defined and easy-to-follow approach for their people security.

Implemented a strategy and tool to maintain, manage, and alert on compliance that relates to PCI – made the process seamless.

Finally, we established an audit process, and our audit team reviewed their implementation and continues to support this client in their security goals.

Outcome

Better outcome with maintaining PCI requirements for compliance. Reduced hours spent with PCI auditors, and improved revenue.
Scroll to Top