Compliance for Credit Card Processing
A client that manufactures tools for heavy industry came to us for help complying with PCI DSS (payment card industry data security standards). After reviewing a self-assessment questionnaire and discussing the issue in depth, we concluded that the client’s process was not aligned to the guidelines — and didn’t need to be.
Some companies rely heavily on on-site credit-card processing. For them, PCI compliance is essential, for their protection as well as their clients’. But for this company, credit cards were used only to secure payments for goods, and there were more effective and efficient alternatives. We recommended an alternative process of going through a third party such as a bank or another processor, eliminating the need to implement significant changes to their internal processes and technology.
PCI DSS guidelines require separating credit card processing environments from other production environments; change controls to review changes to the environment before they are implemented; encrypting locations where credit card data is stored; and auditing all access to environments containing credit card data.
A new client with offices in Cleveland and Houston didn't have much IT expertise in-house. To prepare for growth, they needed a wide range of our services just to get their systems up to baseline standards. Ashton Technology Solutions swung into action with its proactive IT management strategy.
First, we installed a reliable offsite data back-up system and standardized all the desktops and servers. We also documented the network with a graphical map, which indicated all workstations for desktops, wireless connections and phone lines.
To boost security, we tested and deployed a patch management system, and added a fix so that servers would shut down properly in the event of a power outage. We made sure that all Microsoft updates were current across the entire network and secured their wireless network.
Finally, we established the standards and guidelines under which ongoing maintenance and troubleshooting could be quickly executed. It included defining processes for identifying problems and establishing a ticketing system for tracking and resolving problems.
By working with us, the client gained a clearer picture of the state of their systems, and was therefore better prepared for growth through upgrades.
A nationally renowned bankruptcy and foreclosure law firm located in Twinsburg, Ohio, began experiencing symptoms of a major IT problem early one Tuesday afternoon. Since the firm utilizes a complex database in its daily practice, those symptoms began to look ominous, and at 3:46 p.m. that afternoon, the database crashed, grinding the firm's operations to a halt.
By 4:30 p.m., we were on the scene, running tests and conferencing with their application manufacturers to determine the exact source of the problem. Our specialists remained on site until 3:00 a.m. the next morning to ensure that all 130 employees in the office would be able to start their work day without a hitch.
"They take care of us as if our business was their business," says the law firm's administrator, "If you're looking at five stars as being the top - they're five and a half."
A longtime customer on a managed services contract had outgrown the Small Business Server solution they had been using for years. Without an infrastructure upgrade, the law firm's growth would be stalled.
Ashton Technology Solutions worked closely with them to grow their IT environment to a multi-server network. The new system needed to consolidate and distribute data better across the system, balancing functions across the entire network. It would have to run their email system, printers, databases and line of business application.
It took considerable planning to accomplish the switch. Among other complexities, there was a licensing issue, and a server was coming off warranty. The entire project took approximately six to eight months, but most of the heavy lifting was accomplished in just six weeks.
The upshot: a safer, smoother-running and more secure system. Best of all: thanks to careful planning, the switch to the new network was accomplished with zero downtime.
A long-time client had been suffering through poor network performance due to aging switching equipment and needed a path to a more stable and higher-performing network to accommodate the increased growth in both wireless and wired devices.
Of the 20 switches deployed throughout the organization, only three were newer than four years old and worked at the current standard of 1Gb connections to the desktop. Between switching closets and the core switches, the network traffic was choked down to 1Gb links causing significant bottlenecks. Needless to say, performance was very bad, but worse than that were the interruptions and constant reconfigurations required due to failing equipment. Since the phone system was also dependent on the network, the client considered the upgrade of the networking infrastructure to be critical to its operations.
After discussing multiple options, a tentative design for complete replacement of the switching infrastructure was arrived at and pricing acquired. It became obvious that the pricing for the preferred vendor was prohibitive and other options would need to be investigated to meet the goals of complete platform replacement and improved performance.
We continued working on the problem and offered a solution that would not only improve performance but saved the client nearly 50% while providing a feature set that exceeded the previous design substantially. Currently, network performance is excellent and capacity has been built into the design to allow for expansion of the current 800-endpoint network to more than 1,200 endpoints comfortably. All with the peace of mind of knowing that the infrastructure is covered by a lifetime warranty and will expand seamlessly as needs dictate.
Ashton Technology Solutions develops proactive business technology strategies to arm our clients for success.