News

De-Scoping a Call Centre Brings Improved Security and Saves Money

Reducing PCI scope in the call centre is not an easy task and the penalties to Canadian merchants for non-compliance can be severe. To gain a perspective on some of the challenges involved, just take a look at the 2015 Verizon PCI Report.

If you work with Semafone, your customers can reduce or eliminate costs when descoping their call centres because the following specific PCI compliance requirements are no longer applicable:

Eliminated Requirements
Not required 1 Install and maintain a firewall configuration to protect card holder data
Not required 2 Do not use vendor-supplied defaults for system passwords and other security parameters
Not required 3 Protect stored cardholder data
Not required 4 Encrypt transmission of cardholder data across open, public networks
Not required 5 Protect all systems against malware and regularly update anti-virus software or programs
Not required 6 Develop and maintain secure systems and applications
Not required 7 Restrict access to cardholder data by need to know
Not required 8 Identify and authenticates access to system components
Not required 9 Restrict physical access to cardholder data
Not required 10 Track and monitor all access to network network resources and cardholder data
Not required 11 Regularly test security systems and processes