Debitsuccess attains highest global compliance rating for customer data security

Leading direct debit payment processing company, Debitsuccess, has been recognised as the first company of its kind in Australasia to achieve full compliance with a worldwide rating standard for customer data security.

The Payment Card Industry Data Security Standard (PCI DSS) is a globally recognised information security standard for organizations that handle credit cardholder information. Originally set-up in 2004 by five major international credit card companies, the standard was created to increase controls around cardholder data to reduce credit card fraud.

While Debitsuccess has been a PCI DSS compliant company for a number of years, new additional rigorous requirements have been introduced by the Payment Card Industry Security Standards Council to provide even greater security measures within the standard.

Debitsuccess Chief Executive Allan Dickinson believes that the company's compliance with the highest level of the standard will be of enormous comfort to Debitsuccess' clients as they can be confident that their financial data is being handled in the most secure of environments.

Although Debitsuccess does not currently process the number of transactions that would mandate an external assessment to accredit the company as being Level 1 PCI DSS compliant, Dickinson says the company decided that it would make the investment of time and resources in order to achieve the ultimate level of compliance possible within the PCI DSS regime.

"As we saw with recent high profile data breaches at Sony and Lush Cosmetics, an organisation's reputation and assets are constantly vulnerable to attack from unscrupulous individuals.

"Debitsuccess is committed to being part of the leading edge of information security, protecting both the security of the data it possesses and the integrity and reputation of the company."

Additionally, Debitsuccess decided to seek compliance under the latest 'version 2.0' Standard, which is not a compulsory requirement until 2012. Having now achieved compliance, Debitsuccess is one of the few companies in Australasia to meet the latest Level 1 PCI DSS version 2.0 requirements.

The PCI DSS compliance project has been headed by Debitsuccess' Group Compliance Manager, David Morris, while most of the technical changes to the company's infrastructure have been the responsibility of Debitsuccess' IT Manager Steven Holmes.

Morris highlights that the commitment from all the Debitsuccess employees has been critical, stating "anyone attempting to manage a PCI DSS project will require total buy-in from senior management and every definable section that is connected to sensitive data.

"To be able to get every stakeholder to meet concurrent andcontemporaneous milestones can be a challenge, but thanks to the outstanding commitment at Debitsuccess, the project proved to be a great success and a galvanisinginfluence on the company."

While pleased that Debitsuccess' pre-existing regime was proven to be highly secure, Holmes says he is now satisfied that the additional measures implemented will serve to further strengthen the architecture in place.

He adds "the IT team feels a great sense of accomplishment and pride in meeting the extremely rigorous requirements of PCI DSS."

The PCI DSS external assessment carried out at Debitsuccess was undertaken on behalf of the Payment Card Industry (PCI) by a Qualified Security Assessor (QSA). Roger Greyling of Security Assessment, a division of Dimension Data, has worked in partnership with Debitsuccess, providing advice and support to achieve compliance since March 2011.

Click here to contact Debitsuccess via their entry in the Australasian Leisure Management Supplier Directory.

14th April 2011 - DEBITSUCCESS HELPS YMCA AUCKLAND & HAMILTON INCREASE MEMBERSHIP AND ASSIST YOUTH