ComplyGuard Networks Merchant PCI Program Features (details below)

●   24-hour access to our on-demand testing portal
●   PCIMail™ Secure email and dynamic FAQ account
●   Learn2Comply™ Interactive Online PCI training
●   Comprehensive scanning of all IP ports
●   Unlimited Testing model for all contracted IP addresses
●   Detailed technical reports with remediation advice
●   Quarterly Compliance Certificates
●   Online Self-Assessment Questionnaire
●   PCI tested Web Seal for website
●   Range Probe Function determines which IP’s are open and active
●   Delta Report highlights differences over time between IP tests
●   Online help and FAQ
●   Technical support
●   Available consulting, remediation, penetration tests, and forensics services

ComplySheild™ 24-hour access on-demand testing portal
As a subscriber to the ComplySheild™ testing portal you have 24-hour access to run PCI vulnerability scans on-demand or use the scheduler to run tests every 90days, every month, or any future dates you wish. Your test reports are always available online to view via HTML or download as a PDF document. All functions are one to two mouse clicks away, and there is a full PCI knowledgebase available to answer all your questions.

PCIMail™ Secure email and dynamic FAQ account
PCIMail™ is the most effective way for you to handle customer support issues online and save money on support issues. This enterprise class web support account is included with your service. With it you place a help button on your website that allows customers to submit an inquiry about your company or services. The keyword search function will return all relevant answers, and documents. It will display the top 10 most frequently asked questions, and provide the option to escalate the inquiry to a secure email. 
• Saves money by reducing the number of support calls requiring a live operator
• Prevent shopping cart abandonment by instantly answering pre-sales questions
• Provide the knowledge customers need to make an intelligent purchase decision
• Route requests to multiple departments you define with skills based routing
• Every email inquiry is provided a ticket number for tracking purposes
• Auto-responder sends a message to your customer with their ticket number
• When you answer, the customer is sent an email asking them to login for their answer
• All emails are 128 bit SLL encrypted
• Section 4 of PCIDSS requires secure communications on transactions with your customers
• Included pager alert function for critical customer requests 
• The look of PCIMail™ is customizable and supports up to 10 user seats.
• You get a full management interface to set up the account with your FAQ’s and answers, a document uploading feature to store all your marketing and support literature, and the ability to create unlimited departments, email accounts, and routing options.

Learn2Comply™ Interactive Online PCI training
We will help you understand the compliance and validation requirements with Learn2Comply™, an online e-Learning module.  Our first 30 minute training module “Complying with the PCI Data Security Standard: What Risk Owners Should Know” provides a good overview of requirements and common compliance issues. You are led by a top industry professional who will explain what PCI encompasses, why it is important to you, and portrays common issues and solutions in an interactive presentation that engages you to answer questions about the different risk scenarios. This also enables you to meet Section 12.6 of PCIDSS covering employee training on PCI security.

Comprehensive scanning of all IP ports
The depth of testing performed is very important. Each IP address has over 64,000 available ports. To save money on bandwidth costs, most testing vendors test only a very small number of them. They select what they feel are the popular groups and only fire the tests against this limited amount. ComplyGuard Networks tests all 64,000+ ports of every single IP address. We fire in excess of 23 million separate tests against each IP in our PCI DSS vulnerability test. It is the reason why many of our PCI assessor partners and large customers prefer to use ComplyGuard.  We generally find things that even expensive outsourced penetration tests do not. It is our testing philosophy to be as thorough and accurate as possible.
Developing compliance testing tools is our only business. 
 
Unlimited Testing model for all contracted IP addresses
With ComplySheild you can test each IP address as many times per year as you need to maintain your compliance. Each and every time there are any changes to your network infrastructure or new software updates and patches are added, PCI DSS requires you to re-test your network. This is the only way to maintain security integrity and be sure that any changes made did not open your system up to new vulnerabilities.
In the event of a data breach, documented proof that you have completed this will be required for a forensic review or the discovery process in a lawsuit.
 
Detailed technical reports with remediation advice
Once your test has completed, the full details are available immediately via the online HTML view, or downloaded the report as a PDF documents for printing, storing, or forwarding. You receive an executive summary, vulnerability summary, technical detail report with descriptions, and advice on fixing any discovered problems. You can sort the vulnerabilities by severity so you can focus on the most critical items first. There are additional links to the CVE database and other resources to provide further insight to any reported issues.


Quarterly Compliance Certificates
Instantly download your quarterly compliance certificate as a PDF document for all IP addresses that pass the vulnerability scan and forward to your acquiring bank.
Online Self-Assessment Questionnaire
Access the Self-Assessment Questionnaire right from your testing account with a single click.
It is arranged in sections that you may complete and update as needed. Since it is database-driven all information is stored and can be retrieved at any time. It may be viewed online or downloaded for printing and storage. We eliminate the need for having to print and fill out a paper document and fax it to your acquirer.

PCI tested Web Seal for website      
Once all your IP tests are complete and compliant with PCI DSS, we provide you with a PCI tested website seal to place on your website. Helps to build your customer’s confidence in placing a credit card order on your website and may also help cut down on shopping cart abandonment. Let your customer know that your company has taken the appropriate steps to insure their credit card information will not be stolen. It is dynamic and requires that you maintain your compliance with the program to remain on your website. When your customer clicks on the site seal, your PCI certification will be displayed.  
ECHO Credit Card Processing has been tested and found compliant under the PCI bankcard security standard by ComplyGuard Networks, Inc. ECHO provides credit card processing, merchant accounts and check payment processing services

Range Probe™ Function determines which IP’s are open and active
PCI DSS requires us to check your entire IP address range to determine which IP’s are open and active. Any discovered open ports must be closed if not needed, or tested for security vulnerabilities. We will identify them in the report and you have the option to test all discovered (open) IP addresses with a single mouse click to launch the vulnerability scan. Range Probe does not perform a full IP scan and may be run at any time with no effect on production systems. Subscribers may test any number of IP addresses with this feature. It does not matter how many IP’s you are contracted for your regular full PCI scans.

Delta Report™ highlights differences over time between IP tests
Included in our service is the Delta Report™ which provides change management documentation. . This report will allow you to see the differences in tests over time. It is an added value in our tool set as it provides the complete history of change of a particular IP.
It will provide information regarding which vulnerabilities previously required remediation, which ones remain unchanged, and alert you to any new vulnerabilities. The Delta Report is the foundation of documentation needed for statutory compliance as well as being a “Best Practice” in managing any network.

Online help and FAQ
Your questions on PCI or using our system are handled by our extensive knowledgebase that covers all aspects of PCI DSS. This information was compiled and authored by the top authorities in the field that helped to create the PCI standard. The information will give you both the specification details and real world application advice. You may access PCI documents, user manuals, news, white papers, and other valuable information. Support questions can be submitted and answered via secure email. This is the same PCIMail™ product you will receive with your service.



Technical support
Our online FAQ and knowledgebase can answer most questions but if there is an issue requiring personal attention you will receive full technical support from our support specialists. We are available through online chat, email, or phone.
Available consulting, remediation, penetration tests, and forensics services
ComplyGuard Networks can provide any PCI or network security related services you may require.
Please call us at 800-PCI NOW1 (1-877.724.6691) or request more information at sales@complyguardnetworks.com