And so peakwork AG, a leading software specialist for the tourist industry, is another player of this sector who has decided to partner usd AG in achieving certification according to the PCI DSS international security standard of the payment card industry.
At the end of August 2015, the course was set for the cooperation between peakwork and usd with the objective of achieving certification in December 2015. Janette Pitzschel and Jan Kemper, IT security consultants of usd comment: “It was important for us to prepare our peakwork colleagues for the upcoming audit as thoroughly as possible. We realized straight away that our customer’s experts had very good technical know-how, while always keeping their goal in mind. Thus, our cooperation was very efficient even during the audit’s preparatory stage.“
Ralf Usbeck, CEO of peakwork, in response to the question of why his company decided to acquire PCI DSS certification: “Highest quality, up-to-dateness and promptness of data, that’s what we promise to deliver. We’re very proud of the confidence that our customers place in our solutions. Tour operators, hotels, airlines and sales channels use peakwork’s technologies. From the inputting of travel offer data, over sales real time searches up to precise, customer tailored travel packaging – all the elements of the process need to fit together smoothly. IT security is one of the most important prerequisites for the sustainable success of our solutions. Therefore, certification according to PCI DSS, as a further proof of quality in the area of IT security, was a logical consequence for us.“
The audit period started end of October. Christopher Kristes, Manager PCI & Payment Security at usd: “The audit plan was definitely ambitious, but the audit went smoothly. The preparations and planning were perfect. A great achievement especially for a first certification. peakwork is a customer that has firmly embedded IT security in its product policy. Of course, this makes a successful audit easier to achieve.” Peter Cramer, IT Director of peakwork is also glad: “IT security precautionary measures have a high priority for us, starting during the development stage. For our sector, the continuous fulfillment of compliance requirements goes without saying. All the same, we’re proud how well both teams worked together in this certification project.“
Following successful approval of the Report on Compliance** by the PCI Security Standards Council, the PCI DSS certificate was awarded beginning of December.
* The term Qualified Security Assessor (QSA) Company refers to companies officially accredited by the PCI Security Standards Council to perform certifications according to PCI DSS.
**Report on Compliance refers to the final report of an audit according to PCI DSS.
DORA Countdown: One Month Left Until the Deadline
DORA, the Digital Operational Resilience Act, will fully apply as of 17 January 2025. We have summarized everything you need to know about the EU regulation, preparation and best practices from our news blog.