About Sword & Shield
Since 1997 Sword & Shield has been the trusted information security partner for 3000 clients in 50 states and 27 countries around the globe.

Experian EI3PA
If you are a company processing, storing or transmitting credit information provided by Experian, you may be required to have your systems assessed to determine how you are protecting this information, both externally and internally, from unauthorized users. Experian chose to adopt the PCI DSS process to assess how securely you are protecting the credit information and, as a PCI QSA (Qualified Security Assessor), Sword & Shield is qualified to assess your systems containing credit information.
EI3PA GAP Analysis (Pre-Audit)
If you are facing an EI3PA for the first time, the assessment can be a daunting task. The first-year Report on Compliance (ROC) almost always reveals significant gaps in operations, security processes, and controls, leaving the organization with many unanswered questions and an unclear road map to compliance.
Our EI3PA Gap Analysis/Remediation Plan helps avoid the drain of both time and capital associated with a first-time ROC. Our analysts perform a review of your security processes and controls against the full PCI DSS but without the exhaustive operational testing required by the ROC testing procedures. Our process identifies gaps and creates a remediation plan to allow your organization to concentrate on meeting compliance timelines and budgetary constraints.
EI3PA Onsite Report on Compliance (ROC)
As a PCI QSA, we provide comprehensive security assessments against the Data Security Standard, which result in a documented Report on Compliance (ROC). The ROC provides independent validation of compliance required by Experian. Our ROC assessments are led by senior security analysts who maintain CISA and CISSP certifications. Our auditors intimately understand the retail- and service-provider processing models and the idiosyncrasies that make your business unique. We help our clients understand compliance risk, control options and compensating control strategies as they work toward achieving and maintaining PCI compliance.
Quarterly Scans
Sword & Shield resells Qualys and SecureWorks Approved Scanning Vendor (ASV) Services. Quarterly scanning by an approved ASV is required as a periodic test that new vulnerabilities have not been introduced as changes are made to your systems.
Web Application Test
If you have a web site that collects, stores or transmits credit information, PCI DSS Requirement 11.3.2 may apply. This requirement states that you should perform application-layer penetration testing at least once a year and after any significant application upgrade or modification. Sword & Shield also provides Web Security Testing.
Annual Network Vulnerability and Penetration Test
PCI DSS Requirement 11.3.1: PCI Penetration Test states that you must perform network-layer penetration testing at least once a year and after any significant infrastructure upgrade or modification. Sword & Shield can provide Penetration Testing and Vulnerability Assessments.
Wireless Assessment
If you have wireless access points in your payment card network, PCI DSS Requirement 11.1 may apply. To meet this requirement, you must test for the presence of wireless access points by using a wireless analyzer at least quarterly. Wireless Security tests are also a part of Sword & Shield’s overall offerings.
Find Out More
Sword & Shield has been outsmarting cyber-criminals and improving security for enterprises around the world since 1997. Fill out our Consultation Request form or contact us by phone so we can begin securing your future.
U.S. Toll-free: 800-810-1885
International: 865-244-3500