Skip to content

Ensuring secure credit card transactions and PCI DSS compliance is a major challenge for any enterprise managing customer payments and data. Orion helped a major media client develop a solution through detailed security assessments and secure access implementation, enhancing overall payment security.

The client is a prominent global media and entertainment conglomerate with a rich history spanning several decades. They operate a diverse range of businesses across multiple platforms, including television networks, film production and distribution, theme parks, and digital media. 

Challenge

One of the critical requirements for the client is the secure processing of credit card transactions on their websites and in their amusement parks. In order to meet the stringent standards, set by the Payment Card Industry Data Security Standard (PCI DSS), organizations are mandated to undergo annual assessments. These assessments include a comprehensive Penetration Test that covers the internal network, external network, and web applications. 

Solution

To fulfill their security obligations, the client engaged Orion to conduct yearly Penetration Testing, Segmentation Testing, and Web Application Assessments across their various operational divisions. As part of these testing procedures, it was necessary to establish secure internal access. Orion’s highly skilled security engineers collaborated directly with the client’s network engineers to implement secure internal access to Kali Linux-based test virtual machines. 

Impact

By partnering with the Orion team, the client successfully conducts their annual tests with utmost efficiency, ensuring compliance with the PCI DSS. This collaboration ensures a safe and secure payments environment for the client’s customers, fostering trust and confidence in their media and entertainment offerings.  

See how you can modernize without added risk or complexity.

Schedule a consultation

FAQs

Your questions,
answered.

PCI DSS compliance refers to meeting security standards for organizations that process, store, or transmit credit card data. It helps protect payment information and reduce the risk of fraud, data breaches, and insecure transactions. 

PCI DSS is important for media and entertainment companies because many handle customer payments through websites, digital platforms, and physical venues. Compliance helps secure transactions and protect customer trust across payment channels. 

Penetration testing is a security assessment that simulates attacks on systems, networks, or applications. It helps organizations find vulnerabilities before attackers can exploit them and is often part of compliance programs such as PCI DSS. 

Segmentation testing checks whether payment systems are properly separated from other parts of the network. This helps limit risk, reduce exposure, and confirm that sensitive cardholder data environments are protected. 

A web application security assessment evaluates websites and applications for vulnerabilities such as weak access controls, insecure configurations, and data exposure. It helps organizations protect customer-facing platforms that handle payments or personal information. 

Organizations should conduct PCI security assessments annually or when major changes are made to payment systems, applications, or networks. Regular testing helps maintain compliance and identify security gaps before they become serious risks. 

Secure internal access allows security engineers to test internal systems safely and efficiently. It helps organizations conduct thorough assessments while protecting sensitive environments and maintaining control over testing activity. 

PCI testing improves customer trust by helping organizations secure credit card transactions and reduce payment-related risks. When payment environments are regularly tested, customers are more likely to feel confident using digital and physical payment channels. 

Answer