Klatu, Inc.

(PCI) Data Security Standard


We have completed the Payment Card Industry (PCI) Data Security Standard (DSS) Self-Assessment Questionnaire (SAQ) D, Version 1.1 and find that our internal policies, measures and processes are in compliance within SAQ vD 1.1.

We recognize that we must maintain full PCI DSS compliance at all times. We do not retain any magnetic stripe (i.e., track) data, CAV2, CVC2, CID, or CVV2 data, or PIN data subsequent to the transaction authorization; no such stored data was found on ANY systems reviewed during this assessment.
   
The PCI Data Security Standard requires compliance in these general areas, which apply to card-not-present (e-commerce) transactions processed through our servers.

  • Installing and maintaining a firewall configuration to protect data
  • Changing (not using) vendor-supplied defaults for system passwords and other security parameters
  • Protecting (and limiting) stored cardholder data
  • Encrypting transmission of cardholder data across open, public networks
  • Utilizing and regularly updating anti-virus software or programs
  • Developing and maintaining secure systems and applications (all system components and software have the latest vendor-supplied security patches installed.)
  • Restricting access to cardholder data by business need-to-know
  • Assigning a unique ID to each person with computer access
  • Restricting physical access to cardholder data
  • Tracking and monitoring all access to network resources and cardholder data
  • Regularly testing security systems and processes
  • Maintaining a policy that addresses information security for employees and contractors
  • Further, under PCI DSS Hosting Providers Requirement A.1, we protect the cardholder data environment.

    About PCI
    The PCI Security Standards Council is an open global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.  The PCI Security Standards Council’s mission is to enhance payment account data security by driving education and awareness of the PCI Security Standards. The organization was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa, Inc.

    About the PCI Data Security Standard Self-Assessment Questionnaire
    The PCI Data Security Standard Self-Assessment Questionnaire is a validation tool intended to assist merchants and service providers in self-evaluating their compliance with the Payment Card Industry Data Security Standard (PCI DSS). There are multiple versions of the PCI DSS SAQ to meet various scenarios. This document has been developed to help organizations determine which SAQ best applies to them. Note: The sunset date of the PCI DSS v1.1 was December 31, 2008. PCI Data Security Standard 1.2 was released October 1, 2008. We are reviewing and beginning to work on the new requirements.

    For more information, please contact us at info@klatu.net

     

    Copyright © 2002 - 2010 Klatu, Inc. Miami, Florida USA All Rights Reserved.