More payment card security for the tourist industry – peakwork successfully PCI DSS certified.

4. January 2016

And so peakwork AG, a leading software specialist for the tourist industry, is another player of this sector who has decided to partner usd AG in achieving certification according to the PCI DSS international security standard of the payment card industry.
At the end of August 2015, the course was set for the cooperation between peakwork and usd with the objective of achieving certification in December 2015. Janette Pitzschel and Jan Kemper, IT security consultants of usd comment: “It was important for us to prepare our peakwork colleagues for the upcoming audit as thoroughly as possible. We realized straight away that our customer’s experts had very good technical know-how, while always keeping their goal in mind. Thus, our cooperation was very efficient even during the audit’s preparatory stage.“
Ralf Usbeck, CEO of peakwork, in response to the question of why his company decided to acquire PCI DSS certification: “Highest quality, up-to-dateness and promptness of data, that’s what we promise to deliver. We’re very proud of the confidence that our customers place in our solutions. Tour operators, hotels, airlines and sales channels use peakwork’s technologies. From the inputting of travel offer data, over sales real time searches up to precise, customer tailored travel packaging – all the elements of the process need to fit together smoothly. IT security is one of the most important prerequisites for the sustainable success of our solutions. Therefore, certification according to PCI DSS, as a further proof of quality in the area of IT security, was a logical consequence for us.“
The audit period started end of October. Christopher Kristes, Manager PCI & Payment Security at usd: “The audit plan was definitely ambitious, but the audit went smoothly. The preparations and planning were perfect. A great achievement especially for a first certification. peakwork is a customer that has firmly embedded IT security in its product policy. Of course, this makes a successful audit easier to achieve.” Peter Cramer, IT Director of peakwork is also glad: “IT security precautionary measures have a high priority for us, starting during the development stage. For our sector, the continuous fulfillment of compliance requirements goes without saying. All the same, we’re proud how well both teams worked together in this certification project.“
Following successful approval of the Report on Compliance** by the PCI Security Standards Council, the PCI DSS certificate was awarded beginning of December.
* The term Qualified Security Assessor (QSA) Company refers to companies officially accredited by the PCI Security Standards Council to perform certifications according to PCI DSS.
**Report on Compliance refers to the final report of an audit according to PCI DSS.

Also interesting:

usd PCI Best Practice Workshop 2021

usd PCI Best Practice Workshop 2021

For many years, the usd PCI Best Practice Workshop has brought together responsible PCI personnel from companies of all sizes and from all industries to discuss current topics from the world of payment card industry together with PCI experts from usd. The interactive...

3 Reasons for a Cloud Security Audit

3 Reasons for a Cloud Security Audit

Outsourcing applications and data to the cloud brings significant benefits for companies, but at the same time also new challenges for the corresponding IT departments. The technologies and processes of a cloud environment differ from those of local data centers....

usd HeroLab Top 5 Vulnerabilities 2020: SMB 1.0 & SMB Signing

usd HeroLab Top 5 Vulnerabilities 2020: SMB 1.0 & SMB Signing

During penetration tests our security analysts repeatedly uncover gateways in IT systems and applications that pose significant risks to corporate security. They increasingly identify the same vulnerabilities in different IT assets, some of which have been known for...

Categories

Categories