ASV Scanning

Engaging Networks is committed to helping our clients keep their payment pages secure so that we can all maintain our Payment Card Industry (PCI) Data Security Standard (DSS) compliance. To do this, clients are responsible for having scans performed on their payment pages by an Approved Scanning Vendor (ASV). 

A PCI ASV scan is a vulnerability scan that checks for security flaws and weaknesses that could be exploited by bad actors. Quarterly (every 90 days) scans are required by the PCI DSS for organizations that accept payment cards. An Approved Scanning Vendor must perform the scan. The results of the scan will be included in a report, alerting you to any vulnerabilities that were found. If security flaws are not fixed, you may be fined or lose your ability to accept credit card payments. 

To aid in this process, Engaging Networks is endorsing  ControlCase – a highly regarded cybersecurity firm with extensive experience in providing security and compliance services globally to clients over the last 15 years. ControlCase is an accredited Approved Scanning Vendor (ASV) and has been authorized by Engaging Networks to work with our clients to complete quarterly vulnerability scans on their payment intake forms. Together, we will stay ahead of potential threats and comply with PCI requirements. 

Key Benefits of usingControl Case:

• Identifying vulnerabilities: ASV scans can help identify security gaps, such as unpatched software or misconfigurations, that could be exploited by attackers. 
• Ensuring compliance: ASV scans can help ensure that a nonprofit meets the security standards required by the Payment Card Industry Data Security Standard (PCI DSS). 
• Preventing data breaches: ASV scans can help prevent data breaches by identifying and fixing security holes in applications. 
• Improving security practices: ASV scans can provide valuable information that can help improve security practices, such as patch management. 
• Building donor confidence: ASV scans can help build donor confidence by showing that a nonprofit is taking steps to keep their donor data secure. 

Additional information for Engaging Networks clients:

• The team at ControlCase will work closely with you to ensure a smooth scanning process, with minimal disruption to your operations.
• Clients will sign a contract with ControlCase directly for their services.
• The annual cost for the scans will depend on the number of pages that need to be scanned. Payments will be made to ControlCase. 

Our goal in working with ControlCase is to make compliance management simple and stress-free. ControlCase will initiate your scans, providing you with two re-scans if needed, and provide consultation time to help interpret your results. Once completed, your compliance certificate is uploaded directly into your Compliance Hub portal. Every quarter, this process is repeated effortlessly, ensuring ongoing compliance with minimal disruption. 

If you would like to learn more about pricing and next steps, or want to get started working with Control Case, please contact your Account Success Manager or the Engaging Networks Support Team.