East reduces scope for PCI with Vodat
East, the women’s lifestyle clothing and accessories retailer, has reduced its scope for Payment Card Industry (PCI) compliance with the deployment of managed firewalls from Vodat International, the leading communications solution provider to the retail industry, to isolate the PIN Entry Devices (PEDs) from the point of sale (POS) and other in-store systems.
The firewall was implemented through Vodat’s recently launched Unified Payment Service, which cuts the cost of PCI compliance by removing sensitive cardholder data completely from the retailer’s POS network.
Rolled out to all 60 of its UK owned stores, the solution enables card data from East’s chip and PIN devices to be processed and stored in Vodat’s secure PCI DSS compliant data centres. Seamlessly integrating with East’s current POS system, it provides the same ease of transaction management and payment streamlining while offering greater card data protection and security.
Matt Gailer, Head of IT at East, said, “We already enjoy a good relationship with Vodat who support our store network, so we had complete confidence that its payments solution team would understand the nuances of our business and ensure ease of integration with our systems. As well as ensuring card data security, by being hosted on Vodat’s secure network, the managed firewall has meant that we are exempt from some of the PCI self-certification processes, meaning our scope is greatly reduced.”
He continued: “It’s always a great experience working with partners who understand our needs implicitly so they bring their experience fully to bear in the dynamic industry in which we, as East, operate; this was exactly the role Vodat has played in the implementation of this project.”
Paul Leybourne, Head of Sales at Vodat International, said, “Our Unified Payment Service, which has recently received validation from Coalfire, one of the foremost independent IT governance bodies, is designed to help retailers, such as East, benefit from a safer, more manageable and sustainable way to secure cardholder data. Our solution delivers 10 of the 12 PCI DSS requirements, so we’re delighted to have been able to address East’s security infrastructure with the latest update to their network.”
For more information on PCI compliance ahead of upcoming PCI DSS V3.0 deadline on 30 June 2015, and the options available, please visit Vodat’s dedicated community site: www.thepaymentsnetwork.co.uk