Opt-Sec was formed with a clear objective:-
The Frameworks for Best Practices in information Security have already been comprehensively laid out in a number of Policies. These policies have been introduced by various organisations (ISO, PCI etc) with the aim of standardising terminology, definitions and minimum requirements. They are far from easy to understand however, and tend to be overly complicated, riddled with jargon and very confusing.
To compound matters, many vendors have jumped on the bandwagon and will go to great pains to point out how their products will “make you compliant”. This is usually because the use of their product will probably contribute towards the satisfaction of one or more of the requirements of one of the major Policies, but it is hardly ever because the product does everything that needs to be done to satisfy any Policy completely.
We thought there was a growing need for a Team who could explain which products can help and in which ways – using products to help satisfy compliance instead of using compliance to help sell products!
We thought there was also a clear need for simple to use systems that can help those tasked with making their organisations compliant to understand their chosen compliance Policy, manage the compliance Processes and implement the right technologies – through to Certification and beyond!
We can’t make you compliant – only you can do that – but we can optimise your efforts to secure your information, become compliant and stay compliant, in the minimum time and with the minimum effort and cost.
Please feel free to explore the pages of this website to learn more and, when you’re ready, we look forward to working with you.
Global payment and cybersecurity experts met this week at the annual PCI North America Community Meeting to discuss the state of payment security and its evolution going forward. Marking its 10-year anniversary, the PCI Standards Council (PCI SSC) reinforced its mission to foster secure transactions globally, emphasizing that as new cyberthreats emerge, and advances in technology change the way payments are conducted, PCI Standards will evolve to protect the next generation of payments.
The PCI Council has updated its payment device standard to enable stronger protections for cardholder data, which includes the PIN (Personal Identification Number) and the cardholder data (on magnetic stripe or the chip of an EMV card) stored on the card or on a mobile device.