First Data and Trustwave Bring New Level of Data Security to Small and Mid-Sized Businesses

Companies Partner to Help Businesses Go Beyond PCI DSS Compliance with Stronger, Multi-layer Information Security Solutions Delivered through the Cloud

ATLANTA and CHICAGO - June 11, 2014 - Trustwave and First Data are working together to bring a new level of information security to millions of small and mid-sized businesses. Through an agreement announced today, the companies will help businesses secure sensitive information, including payment card data, and comply with payment industry data security standards.

The partnership unites two industry leaders - Trustwave with its industry-leading cloud-based information security and compliance services and First Data, the global leader in payment technology and services solutions. Businesses that use First Data payment processing services will have access to a unique, new solution delivered through Trustwave's cloud-based TrustKeeper® platform. The service will deliver security through cost effective, purpose-built, endpoint security and advanced e-commerce vulnerability monitoring while helping businesses achieve and maintain compliance with the Payment Card Industry Data Security Standard (PCI DSS). The core services will provide small businesses access to information security services designed to help protect them from malware and viruses, critical system changes, unauthorized devices, security misconfigurations and non-compliant payment card storage.

"Our collaboration demonstrates that PCI compliance is the ground floor for security and businesses need additional security services that help them go beyond PCI compliance and protect customer and payment card data from a compromise," said Doug Klotnia, General Manager of Compliance & Risk Management at Trustwave. "This entirely new approach emphasizes security and protection of sensitive data while simplifying the complex compliance process."

In addition to easy-to-use PCI DSS compliance tools, Trustwave and First Data plan to offer businesses:

  • Malware and Anti-Virus Protection - uses a combination of signatures and behavioral analysis to help protect systems from viruses and other malware.
  • File Integrity Monitoring - scans critical systems and components for changes that may be caused by a data breach or malware.
  • Unauthorized Device Alerting - informs businesses about unauthorized devices, workstations and servers connected to their network.
  • Payment Card Data Storage Scanning - verifies that payment card data is not being stored unencrypted.
  • Security Configuration Monitoring - verifies that basic security controls are configured properly.

Through the agreement, First Data customers can also access additional Trustwave Managed Security Services designed to help them address various information security threats while alleviating the pressures created by resource constraints, skills shortages, compliance requirements and the rapid adoption of new technologies. These services provide the security businesses need as they grow without requiring the business to install and manage the technologies themselves, to retain and train staff to run and configure those systems, or to worry about aging levels of protection.

"This partnership enhances our ability to offer our clients the best security and compliance solutions to meet their needs," said Paul Kleinschnitz, senior vice president, GM Cyber Security Solutions at First Data. "We are helping businesses build a security strategy that is easy-to-understand and sustainable. Instead of the traditional, annual checklist approach, our robust security solutions and services are designed to provide our clients with constant protection."

"Criminals specifically focus on small businesses because they hold vast amounts of payment card information and security is not their core competency," added Klotnia. "The Payment Card Industry Data Security Standards Council updates the PCI DSS every three years, however businesses should deploy additional security measures so that they can continuously stay ahead of the latest threats and protect all of their potential attack vectors."

The PCI DSS is the payment card industry's security requirement for entities that store, process, or transmit cardholder data, and has been endorsed by all the major credit card brands.

About First Data

Around the world, every second of every day, First Data makes payment transactions secure, fast and easy for merchants, financial institutions and their customers. First Data leverages its vast product portfolio and expertise to drive customer revenue and profitability. Whether the choice of payment is by debit or credit card, gift card, check or mobile phone, online or at the checkout counter, First Data takes every opportunity to go beyond the transaction. More information about the company is available on as well as on Twitter, LinkedIn, Facebook and YouTube.

About Trustwave

Trustwave helps businesses fight cybercrime, protect data and reduce security risks. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs while safely embracing business imperatives including big data, BYOD and social media. More than two million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective data protection, risk management and threat intelligence. Trustwave is a privately held company, headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit