Featured Coalfire Video

See why organizations in a wide range of industries turn to Coalfire to address their IT GRC challenges.

The Coalfire Blog
Surprises Ahead for Some Level 2 Merchants

The PCI DSS has been around for years, and most PCI “pro’s” are familiar...


IT GRC on the Leading Edge

Retail is on the leading edge of our economy - an early indicator of conditions ahead.  That’s also true in the world of IT GRC, where retailers are on the front lines of the data security battle.  Major retailers are well-versed in the PCI DSS and are now implementing technologies that reduce their PCI scope and address emerging risks brought about by mobile technologies and social media. Smaller retailers are just now becoming PCI-aware, and are looking for compliance solutions that are both accurate and cost-effective.

Compliance Matters

If you ignore PCI compliance, or even if you don’t properly document or test your controls, you are taking unnecessary risks. On the other hand, if you over-do compliance, you spend too much money or limit your business opportunities.  That’s why you need a partner like Coalfire.

Real Challenges, Real Value

Coalfire will help you develop a right-sized compliance program.  Not only will we help you get compliant, we will help you get value from the program. For retailers, we are particularly focused on:

  • Helping merchants that are new to PCI learn the standards and complete their first full assessment.
  • Providing advice on how to reduce PCI scope as much as possible through segmentation and implementing technologies like encryption or tokenization.
  • Helping you select controls that fit your business and operations
  • Providing guidance for developing procedures that protect your front-line associates.
  • Verifying that controls are working as intended.

Coalfire Can Help

Quite simply, we know retail, and retail knows us. We are the PA-QSA for many of the leading POS applications, and we're the QSA-of-record for over 200 leading multi-channel merchants. And 9 out of 10 of our customers engage us year after year. We are different than the firms that try to sell you security solutions. We are completely independent and focused only on your business goals.

Related Resources
Follow us to get the latest updates.