NEWS | Wednesday, 26 March 2008
Kyte Consultants Ltd is the first Maltese company to be validated as a Qualified Security Assessor Company (QSAC) by the Payment Card Industry (PCI) Security Standards Council in the United States.
This means that payment gateways, processors and merchants no longer need to acquire the services of an overseas firm to be certified as being Payment Card Industry Data Security Standard (PCI DSS) compliant. This will result in considerable savings on fees and expenses.
The PCI, which is comprised of representatives from the major card brands, i.e. Visa, MasterCard, American Express, Discovery and JCB, had developed specific standards for companies that process, store or transmit credit card data.
The standard is called the Data Security Standard (DSS) and all companies who handle credit card data had to comply with this standard once the implementation of the standard became mandatory.
It then became necessary for the PCI Security Standards Council to validate companies who are qualified to certify merchants and payment processors as being compliant to the standard.
The directors of Kyte had to undergo a lengthy and rigorous application process, overseas training, and satisfy very stringent and extensive insurance requirements before being validated. The latter requirement proved to be the biggest challenge of all, but it too was finally satisfied.
On February 12, 2008 Kyte Consultants Ltd were added to the list of Qualified Security Assessors and they are now able to provide their services throughout Europe, including Malta.
Alan Alden and Trevor Axiak, Directors of Kyte Consultants Ltd, said that in their short period of time as an IT audit and security-focused company this was definitely their hardest earned but proudest achievement.
Alan and Trevor are confident that the local companies will utilise their services as it will be more convenient and less costly for them than hiring an overseas firm with the same credentials as Kyte.
Alan and Trevor are both Certified Information Systems Auditors (CISA). Combined with their experience in the IT audit and security field and their other information security certifications, namely Certified Information Systems Security Professional (CISSP) and Systems Security Certified Practitioner (SSCP), this helped them achieve the qualification and experience requirements specified for QSAs.
Last September, they also attended training in Prague. Annual training of QSAs is a requirement of the PCI Security Standards Council for them to maintain their validation.
For more information, send an email to [email protected]. |
 |
26 March 2008
ISSUE NO. 528
|
www.german-maltese.com
|
