INS is Recognized as a MasterCard Site Data Protection Compliant Vendor

Business Wire, Feb 23, 2005

SANTA CLARA, Calif. -- INS, a leading provider of IT infrastructure consulting services, IP network management software, and business technology solutions, announced today that it has successfully completed the MasterCard Site Data Protection (SDP) compliance testing process. As an SDP compliant vendor, INS is allowed to help online merchants evaluate the security of their Web sites that store MasterCard account data, and achieve compliance with the MasterCard Security Standard.

INS has achieved compliance status by proving its ability to detect, identify and report vulnerabilities common to flawed web site architectures and configurations. These vulnerabilities, if not patched in actual merchant Web sites, could potentially lead to an unauthorized intrusion. By proactively identifying and providing the opportunity to remedy such vulnerabilities, SDP-compliant products offer a means for reducing risk of intrusion and data compromise.

The SDP Compliance Testing program is an expansion of MasterCard's Site Data Protection Program(TM), a comprehensive, proactive and cost-effective set of global e-commerce and financial security services designed to help protect the Web sites of its member financial institutions, online merchants and other payment processors holding MasterCard account information.

"High security standards help cardholders feel confident that their payment details are well protected, hence, they will be more likely to make purchases from online merchants," said Jim Tiller, INS Chief Security Officer. "INS is pleased to offer our security scanning expertise, developed through hundreds of projects, to help minimize vulnerabilities in financial institutions' and merchants' web sites, and to provide a secure environment that will accelerate the growth of online commerce."

"The Site Data Vendor Compliance Program reflects our ongoing commitment to helping our customers and online merchants evaluate and improve the security of their Web sites in a timely and affordable manner. The end result we are striving for -- improved overall channel security -- is a win-win for all parties involved," said Stephen Orfei, senior vice president and head of the MasterCard e-Commerce Center of Excellence.

The Vendor Compliance Program requires a two-step process. The first step is to complete an online application form, which can be found at the SDP Web site. The application provides MasterCard with an overview of the applying organization, along with a detailed assertion by the security vendor that their solution is compliant with or exceeds the requirements set forth in the MasterCard Security Standard. After applying for compliance testing, the second step is for vendors to undergo a rigorous evaluation cycle that spans across a wide range of Web servers, firewalls, and operating systems -- an environment controlled and managed by MasterCard.

About MasterCard SDP

The MasterCard Site Data Protection Program is a proactive, cost-effective, global solution offered by MasterCard through its acquiring members. The program provides acquiring members with the ability to deploy security compliance programs, assisting online merchants and Member Service Providers to better protect against hacker intrusions and account data compromises. The program takes a proactive approach to security by identifying common possible vulnerabilities in a merchant web site and makes recommendations for short-and long-term security improvements. The solution addresses the security issues that online merchants and their acquiring banks face in the virtual world, and concerns arising from these issues, such as Internet fraud, chargebacks, brand image damage, consumer information safety and privacy and the cost of replacing stolen account numbers.

About INS

INS (International Network Services Inc.) provides IT infrastructure consulting services, software, and business solutions to help companies build, secure, and manage their business-critical networks. To help organizations proactively manage risk, INS maintains a centralized and world-class Ethical Hacking Center of Excellence (COE) focused on the development and delivery of Ethical Hacking services. These services focus on identifying vulnerabilities in networks or applications and providing solutions for remediation. We are one of the world's largest independent network consulting and solutions providers with a track record of thousands of successful engagements. INS is headquartered in Santa Clara, Calif. and has offices in the U.S., Europe and Asia.