Harland Clarke Corp. has announced that the Marketing Services functions at its Baltimore, Maryland production facility have again received the highly regarded Payment Card Industry Data Security Standards (PCI DSS) certification. Verizon Business, a third-party Qualified Security Assessor, conducted the assessment required for certification. In addition to the PCI DSS certification for Marketing Services, Harland Clarke’s Card Services business received an Attestation of Compliance with PCI standards from Verizon Business.
PCI DSS is a multifaceted security standard that includes requirements for security management, policies, network architecture, software design, and other critical data protection measures. These efforts help ensure the safe handling of sensitive cardholder information by companies that process data for major debit, credit, prepaid, e-purse, ATM, and POS cards.
“Attaining PCI DSS recertification reflects Harland Clarke’s enterprise-wide commitment to security,” said Harland Clarke President and COO Dan Singleton. “Security is part of our corporate culture and is embedded in every area of our business.”
Within Harland Clarke, all business units are subjected to the same high security standards and are part of the same network and enterprise approach. The company implements a defense-in-depth strategy, which combines physical control measures with logical control measures, uses a layered security model to provide end-to-end security of client and customer information, and mitigates risk across the supply chain.
Harland Clarke has also implemented a robust auditing, assessment and testing regimen that validates its security controls and ensures these controls are functioning as designed. For example, Verizon Business reviews Harland Clarke’s internet architecture (enterprise and perimeter) on a quarterly basis to identify any vulnerability that may exist and recommends remediation action. Harland Clarke completes an annual American Institute of Certified Public Accountants Statement on Standards for Attestations Engagements (SSAE) 16, Type II (formerly known as SAS 70) review across the enterprise. Harland Clarke’s Corporate Business Continuity Plan is reviewed annually by executive management and updated as critical changes occur.
“Harland Clarke understands that security and compliance are continuous processes,” added Singleton. “Our highly qualified in-house security professionals maintain our corporate security program, and we have formed an enterprise-focused task force to oversee our ongoing PCI work. We are dedicated to protecting the privacy of sensitive information, and to maintaining the trust that has been placed in us by our clients and their account holders.”
About Harland Clarke Corp.
Harland Clarke Corp. (www.harlandclarke.com) is a leading provider of best-in-class integrated payment solutions, marketing services and security solutions. It serves clients in multiple industries, including financial services, retail, healthcare, insurance, and telecommunications, and ranging in size from major corporate brands and trade groups to micro-businesses and individual consumers. Within its payment solutions business, Harland Clarke provides needed products and services to nearly 11,000 banks, credit unions and major investment firms. Harland Clarke Marketing Services’ portfolio is expansive, with a dozen solutions designed to address the needs of banks and credit unions and their account holders through life cycle management. Harland Clarke delivers integrated marketing campaigns focused on acquisition, onboarding, engagement, retention, and cross-selling, utilizing extensive print, phone and email channels for campaign execution. Headquartered in San Antonio, Texas, Harland Clarke employs more than 4,500 people nationwide and operates manufacturing and contact center facilities in multiple states and communities. Harland Clarke is a wholly owned subsidiary of Harland Clarke Holdings Corp., which also owns Harland Financial Solutions and Scantron.