If you want to be compliant with Payment Card Industry Data Security Standards (PCI DSS), then you’re required to perform quarterly scans of your internal and external networks using an approved scanning vendor, or ASV.
Sure, you could not do that and run afoul of PCI DSS and get fined by your acquiring bank… and lose the right to accept payment cards… and get dropped by the aforementioned bank… and then have to lay off all of your employees and liquidate your inventory… and sell your home to cover the debt — all the while lamenting that you should’ve just done the scans…
You do you, man.
However, in the event you’d like to avoid a calamitous downfall, let’s talk about PCI approved scanning vendors, or ASVs, and what’s required of you.
Everyone has to do PCI Scans — period. Requirement 11 specifies that and lays it all out in black and white. This means that you’ll need to perform quarterly scans of your environment and submit reports to your acquiring bank.
There are two kinds of scans EVERYONE has to run, and a third type that’s more limited. Let’s start with what everyone has to do:
To perform these scans, you need to go through a PCI approved scanning vendor such as Comodo CA.
A PCI DSS approved scanning vendor is not unlike a certificate authority (CA). In fact, a lot of approved scanning vendors ARE certificate authorities. That’s because CAs are required to operate openly and with complete transparency. They undergo regular audits and reviews to maintain their trusted status. In other words, they’re highly reputable and want to stay that way. So, when they say you ran a scan, the PCI SSC can trust and believe it.
But not all approved scanning vendors are equal. Some operate with a malware library that’s nowhere near as extensive as others. Other scanners don’t offer remediation advice, which forces organizations to seek out their own solutions and oftentimes requires paying an outside firm to assist.
Speaking from experience, we recommend using Comodo HackerGuardian for your scanning needs. Not only does it produce ready-to-submit reports, but it’s also the cheapest scanner on the market. Comodo CA has built its scanner on top of its antivirus’s malware definitions. Normally, this solution retails for about $250 when you buy it from Comodo CA directly. At ComodoSSLstore.com, we sell it for as little as $72.42 per year.
You have to scan if you want to be compliant, avoid non-compliance penalties, and just do right by your customers. But why pay more than you have to? Get the right solution for your business at the best price.