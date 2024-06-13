Compliance Management Software TCT Portal Immediately Provides a PCI 4.0.1 Track for a Quick Transition

We understand the critical nature of compliance updates and have made it our priority to provide our clients with the tools they need to stay on top of their compliance responsibilities.” — Adam Goslin, Founder, TCT

ROCHESTER, MI, UNITED STATES, June 13, 2024 /EINPresswire.com/ -- Total Compliance Tracking (TCT), a global leader in compliance management software, has updated TCT Portal to incorporate the latest changes in PCI DSS 4.0.1. The latest version of the PCI DSS standard was released on June 11. With it, the PCI Security Standards Council (PCI SSC) is seeking to bring additional clarity and corrections to the original PCI DSS 4.0 release, ensuring that organizations can continue to maintain their compliance.

TCT promptly integrated the PCI DSS 4.0.1 updates into its compliance management platform, TCT Portal. The PCI updates were analyzed and deployed within hours of the PCI DSS 4.0.1 release.

"Our team was ready to act the moment PCI DSS 4.0.1 was released," said Adam Goslin, CEO and Founder of TCT. "We understand the critical nature of compliance updates and have made it our priority to provide our clients with the tools they need to stay on top of their compliance responsibilities."

TCT serves a wide range of organizations, including assessment firms, service providers, and compliant organizations, all of which depend on TCT Portal for efficient and reliable compliance management. With the PCI DSS 4.0.1 track now available, Goslin said that TCT customers can continue managing their compliance engagements with confidence and clarity.

“We have countless individuals who depend on TCT to serve them expediently and effectively,” he said. “It’s something we’ve strived to do from Day One, and we will continue to do it every single day.”

SIGNIFICANT UPDATES IN PCI DSS 4.0.1

PCI DSS 4.0.1 focuses on refining existing guidelines without introducing new requirements. The update addresses feedback from the industry, clarifying and correcting previous ambiguities. Highlights include:

Requirement 6: The update to Requirement 6.3.3 reverts language to that of version 3.2.1, specifying that the requirement applies to critical vulnerabilities rather than high-security patches and updates. Requirement 6.4.3 now includes a clarification on maintaining an inventory of scripts, with business and technical justifications. Additionally, new applicability notes provide guidance on how this requirement applies to web pages and third-party payment processors.

Requirement 8: Enhanced guidance on multi-factor authentication (MFA) clarifies its applicability based on different configurations within an environment. For example, MFA for non-administrative access to cardholder data environments does not apply to user accounts that only authenticate with phishing-resistant authentication factors.

Requirement 12: Updates offer greater clarity on the relationship between organizations and third-party service providers, detailing responsibilities and documentation obligations. These changes aim to streamline interactions and ensure a clear understanding of compliance requirements.

TRANSITION TIMING FROM PCI DSS 4.0 TO 4.0.1

PCI DSS 4.0 will be officially retired on December 31, 2024. Organizations concluding their PCI DSS assessments after that date must use version 4.0.1 as the only active version of the standard supported by the PCI SSC. The changes in the 4.0.1 update are not expected to significantly impact organizations already working towards PCI DSS version 4.0 certification.

TCT SUPPORTS THE ENTIRE COMPLIANCE COMMUNITY

TCT's commitment to the compliance community is reflected in its swift response to the PCI DSS 4.0.1 update. The company's expedient approach ensures that organizations have access to the latest tools and resources necessary to effectively maintain their compliance.

For more information on PCI DSS 4.0.1 and the latest TCT Portal update, please visit the TCT website.

ABOUT TOTAL COMPLIANCE TRACKING

Total Compliance Tracking (TCT) is dedicated to making compliance management suck less. Since 2013, TCT has served the security and compliance community by providing both a SaaS-based compliance management platform called TCT Portal and hands-on consulting.

TCT Portal is an end-to-end software solution that automates all the heavy lifting of a compliance engagement. It was built by security and compliance people, for security and compliance people — incorporating decades of in-depth, hands-on compliance management expertise. The platform organizes every aspect of compliance engagements and typically cuts manual labor in half. TCT Portal serves any company subject to compliance, those serving those dealing with compliance challenges and Assessment Firms.

The TCT consulting team has multiple decades of combined hands-on experience in every facet of security and compliance management. TCT’s compliance consulting provides confidence and peace of mind in the midst of an overwhelming compliance engagement. The consultants have been in the trenches and know what it’s like to try to manage security and compliance efforts while under-resourced or under-experienced.

TCT can provide consulting services and software packages (via TCT Portal) for virtually any compliance regulation, including PCI-DSS, SOC 2, HIPAA, ISO, and dozens of other standards.

