Retail

  • Identify critical information and related business processes

  • Inventory supporting IT assets

  • Assess threats to assets and information

  • Evaluate controls and associated risks

  • Demonstrate compliance to regulations and best practices

Contact Us

Seattle, Washington:
150 Nickerson Street
Suite 106
Seattle, WA 98109
Phone: 206-352-6028
Fax: 206-633-0235
Louisville, Colorado:
361 Centennial Parkway,
Suite 150
Louisville, CO 80027
Phone: 303-554-6333
Fax: 303-554-7555

Retail

Protecting sensitive data is vital for today’s businesses. In the competitive retail market, a system breach or threat to consumer information can ruin a company’s brand and damage its competitive position. Even government agencies that accept payments by credit card must conform to standards common to the retail sector.
These retail organizations face a rapidly escalating set of regulations intended to protect customer information. A few are:
  • Payment Card Industry (PCI) Data Security Standard
  • The Sarbanes-Oxley Act (SOX)
  • The Gramm-Leach-Bliley Act (GLBA)
  • Federal Trade Commission rules protecting against unfair trade practices

Merchants
Coalfire has implemented its merchant data security assessment services worldwide for organizations large and small. As a Payment Card Industry Qualified Security Assessor, Coalfire helps you meet PCI and data security requirements by guiding you through a compliance program that is cost-effective and minimally disruptive to your operations. Our assessment methodology also creates a PCI program that is compatible with other data privacy initiatives by using a common controls framework that simplifies program management and reduces the cost of compliance.
Coalfire offers comprehensive services adapted to merchant requirements:
  • PCI-certified assessment and validation services for merchants at all PCI levels
  • External network scanning services required under PCI
  • PCI program integration with controls covering SOX, GLBA, HIPAA, FISMA and emerging state data privacy laws
  • Remediation planning and PCI program management
  • Incident response, computer forensics and litigation support for credit card compromise and data security breach

Payment Application Developers
A payment application identified as insecure or the source of a compromise damages the reputation and success of the application vendor and the merchants utilizing those applications. By complying with Visa’s Payment Application Best Practices (PABP), developers can reduce risks to merchant operations and distinguish themselves as a trusted business partner.
Coalfire, a certified PABP assessor, provides validation services to help payment application developers achieve PABP compliance in a manner that makes sense for their application. Through our exclusive Rapid PABP Compliance Platform, we combine an adaptive intelligence self-help platform with a hands-on assessment methodology to guide clients through the PABP compliance process efficiently and cost-effectively. Working with Coalfire’s certified application assessors, application developers use the Rapid Compliance Platform to select the compliance strategy that fits their application needs. Coalfire further provides value by communicating with Visa throughout the certification process, accelerating compliance with reduced impact on the development team.

Gateways & Service Providers
As a founding member of the PCI Qualified Security Assessor program, Coalfire offers PCI assessment services for payment gateways and other service providers at all levels. Our assessment methodology pinpoints gaps quickly and provides remediation options that balance the demands of PCI with operational requirements and business needs. In one streamlined effort, Coalfire guides you through the PCI compliance process efficiently with results that deliver value to you as the service provider and your customers.
Coalfire offers a comprehensive program of assessment services for payment gateways and service providers:
  • Authorized PCI assessment services for Level 1, 2 and 3 Payment Gateways
  • Remediation guidance designed for PCI compliance and cost-effective IT security program implementation
  • Risk assessment and penetration testing services
  • Secure portal platform to support program maintenance and ongoing compliance
  • Incident response, computer forensics and litigation support
  • SAS70 services in conjunction with leading regional accounting firms

Payment Gateways
Coalfire is a founding member of the PCI Qualified Security Assessor program, and its tailored gateway services include expertise in PCI and data security compliance. Our assessment methodology pinpoints compliance gaps in your IT security system to improve security while promoting efficiency. In one streamlined effort, you can comply with the extensive number of vital security and privacy regulations and industry initiatives through an effective and stable IT security program.

For more information on Coalfire's retail industry services, please contact: