PCI Security Alliance Solutions Referral Tool

Welcome! This Solutions Referral website puts clients with PCI Data Security Standard (DSS) compliance problems in touch with vendors who have solutions. While no one vendor can fulfill all DSS compliance needs, together our members can meet most of them.

The June 2007 study by the Aberdeen group, available here, showed that nearly half of DSS regulated companies were not yet in compliance, including 49% that had not yet done a formal risk assessment.

“The first step is to understand where and how cardholder data is flowing in your current environment,” said Derek E. Brink, vice president and research director at Aberdeen Harte-Hanks. “From there, a risk assessment and gap analysis that compares your existing security controls to those specified by the PCI DSS is a critical next step towards the ultimate goal of achieving and reporting PCI compliance.”

This Solutions Tool website meets the needs both of firms that have done an annual risk assessment and those that have not. Firms that have done a risk assessment and know what DSS requirements they need help with can go here. Those who have not yet done a risk assessment can order the software here, and go here to complete the "Turbo-Tax" style demonstration. Following the risk assessment, go here for a listing of DSS requirements and PCI Security Alliance member solutions.

Information on PCI Security Alliance member solutions has been provided by the members. This information is provided in good faith by the PCI Security Alliance and has not as yet been independently confirmed. In 2007 the PCI Security Alliance elected a certification program Chair to develop independent ratings of member solutions.