LONDON (15th May 2008) – The Capita Group Plc, the UK’s leading business process outsourcer and provider of integrated professional support services, has announced compliance with the Payment Card Industry Data Security Standard (PCI DSS) for Capita Enterprise Services, a managed service provider. Trustwave, the leading provider of on-demand data security and PCI compliance management solutions to businesses and organisations throughout the world, performed the PCI DSS compliance validation.
PCI DSS is the payment card industry security requirement for entities that process, transmit and/or store cardholder data, and has been endorsed by all the major card brands – Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB. The PCI DSS is a framework for the secure handling of cardholder data.
Capita Enterprise Services are the first fully managed Web hosting provider specialising in public sector services in the UK to be certified compliant. To validate compliance, Capita had their hosting environment reviewed for PCI compliance. Capita manages the operating system and administrative functions, security logs, incident response and audit trails within an environment it specifically created to host customers with their own PCI DSS requirements.
To validate compliance with the PCI DSS, Capita had to demonstrate compliance with 12 stringent security requirements of the credit card brands, submitting to a rigorous review of its information security policies, procedures and IT environment. To view Visa’s compliance validation for Capita, please visit http://www.visaeurope.com/documents/ais/visa_europe_ais_certified_service_providers_01052008.pdf
Danny May, Director at Capita Enterprise Services commented, “We are delighted to have attained PCI DSS compliance and being the first provider of our kind to have gained this Level 1 compliance within the UK is a great achievement that we are proud of. Importantly, this will give our customers added assurance that payment card information held within our data centers are fully protected. With the heightened focus on card fraud and citizen data in general, Capita is committed to ensuring that the servers and services we host and manage have the highest data security controls.”
“By achieving PCI DSS compliance validation, Capita has created a secure environment in which they can manage and maintain software applications for a variety of organisation’s who don’t have the people or technical resources to do it on their own,” says Robert J. McCullen, chairman and CEO of Trustwave. “Securing such features as administrative functions and monitoring security logs ensures customers that Capita is efficiently correlating audit records from numerous sources, identifying any known threats, and mitigating network risks.”
“As an organisation, Capita Group Plc understands the importance of compliance validation, having recently validated Capita Software Services as PCI DSS compliant with Trustwave,” says Andrew Henwood, Director of EMEA Operations for Trustwave. “Capita Enterprise Services PCI DSS compliance validation creates a secure environment where customers can use resources with the knowledge that security is mission critical and the organisation is closely monitoring its security posture for the safe management of third party data information.”
-more-
CAPITA AND TRUSTWAVE/ADD ONE
About The Capita Group Plc
The Capita Group Plc is the UK's leading provider of integrated professional support service solutions. The Group's service capabilities encompass customer services, financial services, human resource services, software services, systems and strategic support and property services delivered to both public sector and private organisations. With over 29,000 employees at more than 300 offices across the UK, Ireland and India, Capita is quoted on the London Stock Exchange (CPI.L), and is a constituent of the FTSE100 with revenues for 2007 of £2,073 million. Further information on The Capita Group Plc can be found at: www.capita.co.uk
About Trustwave
Trustwave is the leading provider of on-demand and subscription-based information security and PCI compliance management solutions to businesses and government entities throughout the world. For organisations faced with today’s challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper® compliance management software and other proprietary security solutions. Trustwave has helped more than 30,000 organisations—ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers—manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, Europe, Africa, China and Australia.