CHICAGO and SHANGHAI (May 21, 2009) - DerbySoft, a Shanghai-headquartered technology company serving hotels and the hospitality industry, has selected Trustwave to provide Payment Card Industry Data Security Standard (PCI DSS) compliance validation services. Trustwave is the leading provider of on-demand data security and payment card industry compliance management solutions to businesses and organizations throughout the world.
PCI DSS is the payment card industry security requirement for entities that store, process or transmit cardholder data, and has been endorsed by all the major card brands - Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB.
As a payment gateway provider for hotels and the hospitality industry, DerbySoft has engaged Trustwave to provide guidance on securing their payment environment and validating PCI DSS compliance. They have enrolled in Trustwave's on-demand compliance management solution, TrustKeeper® to access the necessary tools to support on-going compliance such as quarterly network vulnerability scans. In addition, Trustwave will perform an internal penetration test to ensure adequate controls are properly in place for any person with access to the internal corporate LAN/WAN environment.
"Mis-configured internal networks lend themselves to external attacks," says Feng Ou, CTO at DerbySoft. "We are working with Trustwave to secure our entire environment to prevent any malicious attacks and gain greater clarity into corporate vulnerabilities while also validating our compliance."
"Trustwave has recently found that businesses in the hospitality industry share common security deficiencies that contribute to the compromise of payment card data, such as the storage of magnetic stripe data, weak passwords and insecure remote access applications," says Robert J. McCullen, chairman and CEO of Trustwave. "DerbySoft is taking a great step differentiating itself as a provider of secure and compliant solutions. Users of their technology will rest assured knowing that DerbySoft understands the importance of payment card security."
"DerbySoft is a leader and deserves recognition for their proactive approach to protecting cardholder data," says Sophia Chen, director of Northern Asia Pacific for Trustwave. "Trustwave's internal penetration test will provide their organization greater insight into their network environment, assessing each security layer and ensuring DerbySoft has implemented the proper security controls to protect themselves from external exploits."
Founded in Shanghai in 2002, DerbySoft is a leading technology company serving the hospitality and travel industries in China. It has a growing team of 180 members with offices in Shanghai, Beijing, Guangzhou, Chengdu and the U.S. DerbySoft has developed and now operates the largest hotel switch in China serving thousands of large international and domestic chain hotels including Hilton, IHG, BTG-Nikko Hotels, Jinling Hotel Group, CTS Hotels and others as well as more than 1,000 independent Chinese hotels.
Trustwave is a leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper® compliance management software and other proprietary security solutions including SIEM , WAF , EV SSL certificates and secure digital certificates . Trustwave has helped hundreds of thousands of organizations-ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers-manage compliance and secure their network infrastructures, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia. For more information, visit https://www.trustwave.com .