Supporting The First Steps Toward Your Utility Becoming PCI Complaint
SEDC helps establish the procedures to protect your business and your customers from theft, fraud, and other security risks that result from the compromise of credit card data.
Becoming Payment Card Industry’s Data Security Standards (PCI DSS) compliant is a major step toward comprehensive cybersecurity and improving the cyber resilience of your utility. The requirements for compliance are much more than a simple checklist; they are a rule book for examining your network and infrastructure for possible vulnerabilities and then plugging those holes. We are committed to assisting you with the PCI DSS compliance process.
SEDC’s Cyber Resilience Initiative Team has developed the PCI Starter Kit to assist customers as they navigate the Payment Card Industry Data Security Standard (PCI DSS) requirements. Our Information Security Program Library (ISPL) includes a section mapping related PCI DSS requirements to specific sections of the ISPL.
Our Cyber Awareness Education (CAE) and Managed Security Services (MSS) address various PCI requirements; and we host a webinar class series as well as additional learning opportunities to help utilities understand PCI DSS requirements and priority milestones, reduce PCI scope, and bring the utility into compliance.
SEDC collaborates with industry leaders such as Elavon, our credit card processor, to provide our customers and Members with access to Elavon’s PCI Compliance Manager (PCM) Plus tool. PCM Plus guides utilities in meeting the requirements of PCI compliance, including completing the Self-Assessment Questionnaire (SAQ), performing quarterly scans, and completing an Attestation of Compliance (AOC). Additionally, SEDC provides active support as your utility moves toward PCI DSS compliance, making the process as smooth as possible for your business.