Quarterly vulnerability scans and attestation to address PCI requirements and provide critical information regarding potential network security concerns.
Self-Assessment Questionnaire (SAQ)
This 15-page Initial Discovery Questionnaire is intended to facilitate the organization in gaining a high-level overview of its information security posture and simplify the process of your SAQ. Leverage our free professional guidance and automated wizard to help simplify the process.
Information Security Policy
According to requirements set by the PCI Security Standards Council, merchants must implement and document processes around their security policies. Leveraging our 73-page Information Policy Manual, VENZA® can help establish security policies and procedures for your business. Consequently, all Company employees, contractors, part-time or temporary workers, as well as those employed by others that may perform work on Company premises or have access to Company information or information systems, are subject to all policy, derived procedures, and/or guidelines contained herein.
Awareness Certification (PCI & PII)
Educate your employees with our PCI and PII training modules that include customized training courses, course exams and training awareness certificates. Gathering inputs and factors from annual Spot-Check Awareness Audits and Phishing Campaigns, VENZA® Security Coaches will prescribe learning through online training modules, quarterly webinars and breakroom posters.
Cloud-based Portal Access
Gain complete visibility into your Human Firewall™ through the cloud-based VENZA® Learning Management System. Access your policies, training programs and information 24x7x365.
Identify and define your organization’s information security program and support needs with our Security Coach “Guides” who will craft tools and collateral to help you successfully implement the VENZA® program and create a culture of awareness. Your assigned Security Coach is knowledgeable in a variety of network environments and is here to keep you up-to-date on your compliance activities and status.
Data Breach Coverage
Administered by RGS (Royal Group Services, LLC) through this $100,000 data breach policy covers your merchants for the costs of forensic audits, fees and fines from Visa/MC, equipment replacement in lieu of fines ($15,000 sublimit), cost of required consumer notifications ($10,000 sublimit), and more. There is $0 deductible too. Managed by the North American Data Security Risk Purchase Group (NADS RPG).
North American Data Security Risk Purchase Group (NADS RPG) is the most comprehensive and cost effective breach protection program in the payments industry. This program provides up to $100,000 in protection against normal losses associated with a data breach that involves cardholder data.
$100,000 in Payment Systems Data Breach Protection that Covers:
• Cost of the mandatory forensic audit
• Card replacement costs and related expenses
• PCI DSS and regulatory fines and assessments resulting from a breach
• Cost of Account Data Compromise Recovery (ADCR) fines for credit card fraud
• Software and Hardware Upgrades when ordered in lieu of a fine, under a sublimit of $15,000
• Breach notification expenses, under a sublimit up to $10,000
– Drafting of notification letters
– Printing and mailing expense
– Required media notifications (newspaper or radio announcement)
Who is covered?
Includes all PCI DSS Level 2, 3 and 4 merchant accounts, regardless of whether the merchant is PCI DSS compliant or not at the time of the breach.
What if there is a suspected breach?
If there is a breach or suspected breach, call our QSA team to connect with you and your merchant and to assist in explaining the process and recommending to-do’s and connecting with appropriate PFI companies.
The following portal can be accessed by the merchant and the Client/ISO/Bank to provide the information on the program and to discuss claims process, etc.