EZITconnect was engaged by DIT in response to a request by one of DIT’s client’s for an on-site audit to confirm PCI compliance/readiness and ensure that DIT met certain critical criteria set forth by DIT’s client. Initially EZITconnect performed an audit to gauge the gap assessment between PCI-DSS version 3.2 standards and DIT’s current standards.
• EZITconnect deployed a CheckPoint solution in conjunction with “sniffer tools” on the network.
• EZITconnect interviewed and documented all security and business processes as part of the audit.
Over 400 tests were conducted within DIT’s environment on the following:
• Building and maintaining a secure network
• Protecting cardholder data
• Maintaining a vulnerability management program
• Implementing strong access control measures
• Regularly monitoring and testing networks
• Maintaining an information security policy
Gaps were identified and EZITconnect prioritized the risks associated with the various gaps and remediated them.