Compliance confluence: 1st Credit and SureCloud
1st Credit
A complete picture
And, the tool has delivered. In November, for the third year running 1st Credit received the Compliance Team of the Year award at the prestigious Debt Collection Awards, held in Manchester, U.K. “In order to achieve this we had to demonstrate a culture of compliance throughout every aspect of our business, and SureCloud really assisted with this from an IT perspective,” says Bover. “It gives us a complete picture of our information security and PCI DSS posture at any one moment in time via a single platform.”
He says that when using the tool his team can drill down into the information as required, making it easy to identify any potential vulnerabilities so as to quickly resolve them with the service desk. “In effect, we have gained a PCI DSS reporting dashboard that not only assists in maintaining compliance, but also makes it demonstrable.”
1st Credit is currently working with SureCloud on expanding the compliance portal to include third-party vendor management as it works toward ISO 27001. This will save the IT team a considerable amount of time in ensuring the compliance status of third-party vendors that it uses, and allow the limited time available during site audits to be focused on areas of concern as opposed to data gathering, says Bover.
|
Kudos: Compliance In mid-November at the Palace Hotel in Manchester, U.K., 1st Credit achieved an unprecedented first for the industry. The finance company was announced winner of the ‘Compliance Team of the Year' award for the third year running at the Debt Collection Awards, produced by Credit Today, an online portal for trade credit professionals. “It is great to be recognized by the industry for the hard work and dedication of the 1st Credit employees,” said Eddie Nott, CEO for 1st Credit. “The compliance team deserves huge congratulations. This is a very proud day for all at 1st Credit.” Compliance is at the heart of all policies and procedures at 1st Credit, he added, and the firm continues to enhance and develop existing compliance strategies and to introduce new initiatives throughout the company – both for the benefit of the business and its customers. “We are extremely proud of this magnificent accolade,” said Bob Kingdon, head of compliance for 1st Credit. “To win the award for a third year is fantastic. At 1st Credit, we are committed to driving best practice both within our own business and across the industry, and will continue to do so.” PCI DSS: 12 requirements Build and maintain a secure network1: Install and maintain a firewall configuration to protect cardholder data. 2: Do not use vendor-supplied defaults for system passwords and other security parameters. Protect cardholder data 3: Protect stored cardholder data. 4: Encrypt transmission of cardholder data across open, public networks. Maintain a vulnerability management program 5: Use and regularly update anti-virus software. 6: Develop and maintain secure systems and applications. Implement strong access control measures 7: Restrict access to cardholder data by business need-to-know. 8: Assign a unique ID to each person with computer access. 9: Restrict physical access to cardholder data. Regularly monitor and test networks 10: Track and monitor all access to network resources and cardholder data. 11: Regularly test security systems and processes. Maintain an information security policy 12: Maintain a policy that addresses information security. Source: NDB Advisory |
