SHOP.COM PCI Compliance Analysis
Challenge
SHOP.COM provides a single online destination where consumers have easy access to over 1.5 million products from more than 20,000 catalogers, 300,000 etailers and 475,000 retailers. At SHOP.COM, consumers' easy and convenient shopping experience is supported by a sophisticated back-end that includes communicating purchase information to the thousands of participating merchants. SHOP.COM needed to insure that it's systems met newly defined Payment Card Industry (PCI) standards.
Solution
SHOP.COM contracted with The Igneous Group to perform an audit of its business systems and processes with respect to credit card data. The Igneous Group interviewed SHOP.COM operations and information technology staff, observed its operations and data centers, and prepared a detailed report showing where SHOP.COM met the standards and where new systems and procedures were needed. We helped SHOP.COM document its security configuration and policies, and prepared a detailed spreadsheet showing the actions taken to address each of the PCI requirements.
Results
SHOP.COM is compliant with the PCI standards. Its executive staff have a single, thorough document that they can reference to insure that the standards continue to be met.