Since 2014, Infosend has partnered with SecurityMetrics to meet their PCI compliance needs, ensuring their processes remain secure and their clients’ data is protected.
In today’s digital age, ensuring secure transactions and meeting PCI requirements are critical for companies handling sensitive customer information. Infosend, a leading provider of billing and payment solutions, understands the importance of maintaining the highest security standards. Since 2014, Infosend has partnered with SecurityMetrics to meet their PCI compliance needs, ensuring their processes remain secure and their clients’ data is protected.
Want to watch our InfoSend Case Study Video? Check it out here.
When it comes to audits and assessments, Martin’s experience with SecurityMetrics has been positive, which hasn’t always been the case with other companies.
“We’ve been through other types of audits, and it's difficult to collect evidence because it's typically done from a nontechnical standpoint. We’ve done SOC audits in the past that were done by accountants who aren’t technical, and we’ve gotten very broad questions,” Martin explains. “Whereas dealing with SecurityMetrics, we’ve received specific technical questions that have concrete answers for us to send back.”
By focusing on technical accuracy, Infosend’s PCI assessment process has become both easier and more effective.
Need help with PCI Compliance? Check out the SecurityMetrics PCI Compliance IT Checklist.
As the PCI standards evolve, staying ahead of the curve is crucial for compliance. Infosend was well-prepared for the transition to PCI version 4.0, thanks to their proactive approach and the guidance from SecurityMetrics.
“We were aware of it. We read through the 4.0 standard before and talked with our assessor about the changes and the exact differences so that we could try and make sure that we comply with those things that are different. So we had about six months of a heads-up,” says Martin.
Despite the new challenges, Martin’s team approached the changes with confidence. “It was definitely different, but it wasn't different in a bad way,” he says.
The security of knowing they could rely on their previous 3.2.1 assessment helped ease any anxiety. “Our stress level related to PCI version 4.0 wasn’t bad because we knew that if anything major came up, we could always fall back on our 3.2.1 assessment this year and still be valid.”
According to Martin, one of the standout aspects of working with SecurityMetrics is the collaborative approach they bring to the table. Unlike other assessments that might feel adversarial, the experience with SecurityMetrics is one of teamwork and shared goals.
“Working with SecurityMetrics has been much less confrontational and more like we are working on a team that wants to make things better. In the past, it’s felt like assessors come in and want a big ‘gotcha!’”
This cooperative spirit has made the assessment process smoother and helped Infosend enhance its security measures beyond meeting compliance requirements.
A key tool in Infosend’s compliance process has been the SecurityMetrics portal, which has streamlined their assessments and ensured clear communication.
Martin highlights the portal’s effectiveness: “The assessment process is also very smooth. You get clear questions about what’s needed, so you’re able to give specific answers instead of trying to guess what is needed.”
Martin appreciates the portal’s features, such as tracking progress, easy access to past assessments, and a clear communication channel with the assessment team. “It’s nice to know that we have the ability to look back on past assessments,” Martin says, “The other portals we have used don’t have that ability.”
This ability to access historical data and maintain a clear line of communication has significantly improved Infosend’s compliance process, making it easier to address any issues that arise.
Even beyond the assessment process, Infosend has found SecurityMetrics to be a valuable partner in navigating the complexities of PCI compliance. Martin appreciates the ongoing support and the ability to consult with SecurityMetrics professionals on new technologies and potential compliance concerns.
“I appreciate that you guys are always there for us to contact if we have questions. As things change and new technologies come out, we can always bounce ideas off of our assessor or other SecurityMetrics professionals for advice.”
Infosend’s partnership with SecurityMetrics has been instrumental in its successful PCI compliance journey. From the technical expertise provided during assessments to the streamlined processes facilitated by the SecurityMetrics portal, Martin’s experience highlights the many benefits of this long-standing collaboration.
“Our partnership helps us not only comply with PCI but also make our processes better and more secure,” Martin says. With the continued support of SecurityMetrics, Infosend is well-equipped to meet the demands of an ever-changing security landscape.
.svg)
