Compliance as a Service (CaaS) PCI DSS Merchant Walkthrough
•
1 like•819 views
For more information visit https://megaplanit.com/caas This walkthrough guides new CaaS users through the set up process, gives an overview of the Merchant Dashboard functionality, details the SAQ instructions, and provides an overview of how easy and intuitive the CaaS Portal really is to use.
Recommended
More Related Content
Recently uploaded
Recently uploaded (20)
Featured
Featured (20)
Compliance as a Service (CaaS) PCI DSS Merchant Walkthrough
- 1. MegaplanIT.com/caas Compliance as a Service (CaaS) PCI DSS Merchant Walkthrough
- 2. Login Screen First Time Users: • Click “Register/Begin”. Returning Users: • Login with your Username and Password.
- 3. RegistraGon • Enter your Merchant ID Number and Zip Code. • Click “Register”.
- 4. Business InformaGon Fill out your business informaGon. Some of the informaGon may already be pre-‐filled for you. Click “Con5nue”. Required Fields Include: • Business Name • Merchant ID • Zip Code • Email Address • Username • Password • Re-‐enter Password
- 5. Terminal InformaGon Answer the 3 quesGons about your credit card machine or the way you accept credit cards. Click “Con5nue”.
- 6. Pre-‐SAQ QuesGons Answer the Pre-‐SAQ QuesGons and CaaS will place you in the correct Self Assessment QuesGonnaire (SAQ). If you know which SAQ you belong in, you can select it manually by clicking “Manually Select SAQ”. When finished, click “Con5nue”
- 7. Summary In Summary, the SAQ has been selected for you from the answers given in the Pre-‐SAQ QuesGons step. If you don’t agree with the bullets in the Summary about your business, please click the “Back” buXon at the boXom of the page to re-‐answer the quesGons more accurately.
- 8. Summary You can Manually select the SAQ that fits your business by clicking the check box in the “Manually Select SAQ” box. By pu[ng your cursor over each SAQ Type you can then read the Summary for that SAQ Type. To select, click on the buXon for the SAQ Type you desire. (Must have the “Manually Select SAQ” box checked.)
- 9. Merchant Dashboard Aer you have established a username and password, log in to CaaS. Once you are logged in, your Merchant Dashboard will show you the necessary steps in becoming Compliant. Required Steps: • Missing Signature • SAQ • Scan (if available on your Dashboard. Required for Merchants processing via IP/Internet instead of a Phone line.)
- 10. Merchant Dashboard Verify Email
- 11. Verify Email Verifying your email is to confirm we have a good email address on file. We use email to conGnue to noGfy merchants of compliance data or merchant status that may change from Gme to Gme. If you have not received the email confirmaGon email, please click “Send/Re-‐send Verifica5on Email”.
- 12. Merchant Dashboard Missing Signature
- 13. Missing Signature Merchants must read and agree to the terms and condiGons of the portal. • Click the “I Agree” check box. • Sign in the white box with your cursor. • Click “Save”.
- 14. Merchant Dashboard Self Assessment Ques5onnaire (SAQ)
- 15. Self-‐Assessment QuesGonnaire (SAQ) SAQ Instruc5ons ü All Answers must be answered with a “Yes” or “N/A” response in order to become Compliant. ü Any Answers with a “No” response will NOT be considered Compliant and will require remediaGon so that the response can be changed to a “Yes” or “N/A” response. ü If any quesGons are answered with an “N/A” response, an explanaGon as to why the quesGon does not apply to the Merchant will be required.
- 16. Self-‐Assessment QuesGonnaire (SAQ) Complete each quesGon by clicking on the QuesGon Title itself, then answering the quesGon with a “Yes”, “No”, or “N/A” response. To display all quesGons at the same Gme, click “Show All” in the top right hand corner of the QuesGons container. If you sGll have a quesGon aer reading the QuesGon and ExplanaGon, click the “Ask Ques5on” buXon in the boXom right hand corner of the QuesGon box. Once you have finished the quesGons, click “Con5nue” at the boXom right hand corner of the screen. You may also choose to select “Finish Later” to save what you have answered and return to the Merchant Dashboard to complete at a later Gme.
- 17. Self-‐Assessment QuesGonnaire (SAQ) If you receive this message aer compleGng the SAQ: • Click “SAQ Remedia5on”. • Answer the remaining unanswered quesGons. OR • Any response answered with “No” must be remediated so the Merchant can change the answer to a “Yes” or “N/A” response in order to become Compliant.
- 18. Merchant Dashboard Scan
- 19. Scan To Schedule a Scan: • Click on “Schedule Scan” in the Menu Bar. To Review a Past Scan: • Click on the date of the Scan you would like to review.
- 20. Schedule Scan Follow the prompt to select your se[ngs for the scan and finish by clicking “Schedule/Run Scan”.
- 21. Scan Details Review View each vulnerability by clicking on the risk level (colored boxes), then click on the name of each vulnerability beneath. To download the report, click on “Download Report” in the Gtle bar. To send a support request or report a false posiGve, use the Support Request secGon at the boXom of the page.
- 22. Merchant Dashboard Downloads
- 23. Downloads To download a Compliant CerGficate, click on the “Comple5on Cer5ficate” icon. Merchant must become Compliant before CaaS will allow download.
- 24. Merchant Dashboard Merchant Overview
- 25. Merchant Overview Merchant Overview will allow you to see all of your informaGon as it is stored in CaaS. In addiGon, you can setup addiGonal users, view status of SAQ and/or Scan (if applicable), and Overall Status.
- 26. Merchant Dashboard Manage Users
- 27. Manage Users To add addiGonal Users: Click “Add New” next to the Search buXon. To Search for a User: Enter the name of the User you would like to search for and click “Search”. To edit a User select the icon in the EDIT secGon. To delete a User select the icon in the EDIT secGon. To reset the password for a User, select the icon in the EDIT secGon.
- 28. Merchant Dashboard If you need to change your SAQ Type as it is no longer correct, click “Change SAQ Type” and the Portal will direct you back through the Pre-‐SAQ QuesGons again.
- 29. Who We Are Megaplan-‐IT, LLC is a PCI SSC CerGfied network security and compliance firm that specializes in PCI DSS Compliance, PenetraGon TesGng, Secure Web Development, Cloud SoluGons, HIPAA Compliance, and other high-‐level IT audiGng and risk management services. With over fieen years of applied experience in the field of network security and compliance, the Megaplan-‐IT team is comprised of highly-‐skilled and well-‐trained informaGon security professionals who will work collaboraGvely with your company and maintain open and direct communicaGon throughout the project. Megaplan-‐IT QSAs are trained in Version 2.0 of the PCI-‐DSS Requirements. To learn more, visit us today at hQps://megaplanit.com
- 30. Why Choose Megaplan-‐IT Cost Quality Megaplan-‐IT includes key services for free with each Megaplan-‐IT provides the most accurate assessment. This approach provides our clients with security risk assessment services at the most huge savings and ensures that all compliance compeGGve prices. We stand by the quality of requirements are met. our reporGng from start to finish. Service Mission Megaplan-‐IT's mission is to build an Megaplan-‐IT clients never wait for a skilled ongoing relaGonship with our clients by consultant or QSA to be assigned. Our team successfully compleGng a wide range of is available to assist you when the need security and compliance goals on a arises. 100% SaGsfacGon Guaranteed. recurring annual basis. To speak with a consultant now, please call 800-‐891-‐1634 or email sales@megaplanit.com