Medoc is PCI-DSS Level 1 Compliant - is your eCommerce supplier?
The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organisations proactively protect all customer account data, not just cardholder data.
Medoc was one of the first software houses in the UK to become PCI DSS Level 1 compliant, in 2007. Being Level 1 compliant means that we have been accredited through a comprehensive process that documents and analyses vulnerabilities via scanning and penetration testing, ending with the production of a Report on Compliance (ROC). To achieve this, each year we undergo a lengthy and rigorous independent audit, and considerable investment is made to retain Level 1 PCI DSS accreditation.
Being Level 1 PCI DSS accredited means we operate and manage our business with the highest degree of integrity and security, and it gives our Clients peace of mind and assurance for their own compliance requirements. Level 1 accreditation is a standard that should be reached by every UK eCommerce solution provider but unfortunately, as can be seen from the many instances of breaches of security, it frequently is not.
Level 1 Certification is the only level of PCI DSS compliance that is INDEPENDENTLY audited by a certified third party (in our case Sysnet, www.sysnetgs.com) and not simply by the web company itself.