Security Services — CampusGuard has the tools!

 Contact Us Now

Ron King, CPISM
President and COO
(972) 964-8884 office
(214) 770-3550 mobile
info@CampusGuard.com

PCI Readiness Review

Many organizations are unsure of their level of compliance and may not be ready for a full compliance assessment. The CampusGuard PCI Readiness Review provides an on-site assessment of your readiness for PCI compliance. The objective of the Review is to launch or accelerate your PCI compliance team’s effort. The Review accomplishes the following:

  • Sets a strategic direction
  • Creates awareness among merchant departments
  • Promotes awareness and support among your Executive team
  • Promotes awareness and support of the Information Technology team
  • Creates a PCI Committee and develops a charter for the team
  • Creates a Gap Analysis Report to pin-point areas of non-compliance
  • Creates a Roadmap for PCI Compliance
  • Provides a Customer Compliance Portal to help you along the way

Vulnerability Scanning

Many organizations are required by regulatory bodies, including the Payment Card Industry Security Standards Council (PCI SSC), to perform periodic external and internal vulnerability assessments. In the event of a data breach, the lack of effective scanning and reporting can lead to a determination of negligence. Vulnerability scans from CampusGuard provide assurance and confirmation that your systems are protected.

The CampusGuard external and internal vulnerability scanning service reach beyond basic automated scanning to provide manual validation and analysis of vulnerabilities identified by scanning. We use automated and manual scanning tools to discover vulnerabilities such as deficiencies in patch management, outdated virus and malware protection, and misconfigurations that could lead to information leakage on campus systems. The scans also identify other vulnerabilities that could allowa compromise of the workstations, servers or network equipment to gain access and the data within and concludes with a detailed report that outlines validated vulnerabilities, risk ratings, and remediation recommendations and a stakeholder debriefing.

CampusGuard is your qualified source for both internal and external vulnerability scanning.

Penetration Testing

Vulnerability assessments do not exploit vulnerabilities and as such cannot verify the vulnerabilities that are discovered. Rather, vulnerability assessments only provide a “best guess” as to how susceptible a target is to attack or damage. Vulnerability scans/assessments are thus ideal for performing periodic security checks (e.g. quarterly) between annual network penetration tests. Because of these limitations it is necessary to proceed with a penetration test.

CampusGuard is experienced conducting external and internal penetration testing on networks of all sizes, as well as web applications. Our testing is closely coordinated with onsite personnel to minimize disruption to operations. When CampusGuard conducts penetration testing, there is an experienced, certified professional behind the keyboard customizing scripts and tools the way a hacker would to provide maximum value to our customers. We carefully analyze results and each report is unique, not templated from a tool or scan. Our reports provide valuable insight into true deficiencies, identify specific weaknesses and vulnerabilities; and our recommendations are designed to provide step-by-step corrective action for ease-of-use.

CampusGuard is your qualified source for both internal and external Penetration Testing.

Customer Compliance Portal

CampusGuard has developed the PCI Management Portal to enable an organization to more easily manage their PCI compliance project that may have the scope of multiple campuses and/or departments that are considered in the cardholder data environment.

Multi-level reports are available to track compliance by merchant ID, department, campus, and enterprise level – affording administrators to have a grasp of the full compliance picture across the organization. This means that the PCI administrator and also IT can easily view the progress each department is making toward compliance. Documents such as network drawings, configuration documentation, and SAQs can be retained in the portal for reference and verification to your acquirer for compliance. 

Major features include:

  • Unique login access for each merchant to complete their specific SAQ only (Many:One)
  • Administrators provided with unique administrator access to view all merchant information for scans and SAQs (One:Many)
  • Management Dashboard for online monitoring and tracking of compliance status and reporting
  • Single Sign-On 

PCI and Information Security Awareness Education

The PCI DSS requires security awareness training for all employees who are involved in any capacity in the processing, storing, and transmission of cardholder data. This includes all department staff, as well as members of the Information Technology/network teams in all organizations CampusGuard fulfills this requirement by providing an online training platform and courses tailored for training management and staff on the essentials of protecting confidential and sensitive information. The goal of Online Training is to complement CampusGuard’s security products and services, providing comprehensive, online training that satisfies all compliance requirements. The service is based on a hosted, online / on-demand platform. Our Online Training service is delivered in a “Compliance Bundle” that covers the key security issues for each category of participant throughout your organization.

Courses:

  • PCI DSS Security Awareness and Compliance for Merchants
  • PCI DSS Security Awareness and Compliance for Information Security
  • PCI DSS Security Awareness and Compliance for Executives
  • FACTA Red Flags
  • General Cybersecurity

Cybersecurity Services

The multitude of data types that need to be identified and protected in an organization can be overwhelming. This, along with federal, state, and contractual obligations that organizations must adhere to can make the task of understanding where all the data is, who owns it, and how to protect it seems like a daunting and never-ending task. Finding the right partner that has the knowledge and expertise across a broad array of solution sets can simplify the process and lead to efficiencies and improved service levels.

Solutions

Utilizing industry standard risk assessment protocols such as NIST SP 800-171, SP 800-30, 800-53 and ISO 27001-27006 CampusGuard has the tools, knowledge and experience to assist you with:

  • Risk Assessments
  • Gap Assessments
  • Information Security Awareness Training
  • Expert Consultation Services
  • Vulnerability Scanning and Penetration Testing
  • Application Scanning and Penetration Testing
  • Architecture Review
  • Configuration Analysis
  • Data Identification, Classification, and Handling
  • Disaster Recovery / Business Continuity Planning
  • Incident Response Planning
  • Social Engineering
  • Physical Systems Security
  • Policies and Procedures
  • Annual Support
  • Comprehensive Customer Service