PCI Compliance and Assessment, Third-Party Risk Assurance, Risk & Privacy Readiness Assessment and Remediation, Compliance and Assessments: ISO, NIST, SOC, GDPR
Online is pleased to be recognized as a PCI DSS Qualified Security Assessor Company in Gartner’s Market Guide for PCI DSS Qualified Security Assessment Services.
If you are an entity that stores, processes, or transmits cardholder data, or if your company provides services to organizations where you could impact the security of their payment card data environments, you are required to comply with the PCI DSS.
Organizations that don’t protect cardholder data are subject to penalties and fines, not to mention increased financial and reputational risk. Online's proven risk-based approach to PCI assessments, with its strong focus on business objectives, people, processes, technology, and culture, has helped hundreds of clients achieve and maintain PCI compliance.
Online speaks PCI DSS v4.0!
Our consultants have spent thousands of hours reviewing v4.0 and are prepared to help you interpret how these changes affect your environment.
To learn more about how these changes will impact you, visit our PCI v4.0 Resource Center. And remember - the sooner you fall behind, the more time you have to catch up!
Asset Management
Cardholder and PII Data Discovery
Secure Code Training
PCI Readiness Assessments
PCI Trusted Advisor Consulting Services
Risk Assessments
Remediation Consulting including Prioritized Roadmaps
Penetration Test Services (Network, Application, and Segmentation)
PCI Assessments with Attestations of Compliance
Security Awareness Training
A Service Provider handling customer cardholder data (CHD) engaged with Online to address multiple significant technical, procedural, and time-based requirements.
To address these problems, Online's Service Management team performed a comprehensive evaluation of the network and application environment, covering both on-prem and cloud-based systems, using the BMC Discover platform coupled with expert analysis from our team of consultants.
Online was pleased to be able to help the Client obtain an Attestation of Compliance for 2020, avoiding fines and potentially costly contractual issues with their customers. The Client has greatly improved their security and compliance posture and is well positioned to leverage this work to create a sustainable and optimized program in the future.
Online's Sherri Collis became a Qualified Security Assessor (QSA) in March 2008, and has performed hundreds of assessments through the years.
Join us in discussing how tools like GoToMeeting, Zoom, and FaceTime have made remote assessments possible.
As businesses adapt their operations to the current state of our business landscape, the main question our Qualified Security Assessors (QSAs) have been answering is how organizations can maintain PCI compliance while transitioning their contact centers (and associated business processes) to a "work from home" model.
Our team has responded by asking:
"Is this a permanent change, or a short-term change that is related to business resumption?"
Our Risk, Security and Privacy (RSP) team is committed to delivering RIGHT-SIZED SECURITY and helping our clients create and manage cost-efficient and risk-effective information security programs that are aligned with their unique needs and risk appetite.