Comodo Offers New "Painless PCI" Compliance Program That Delivers 360° Support to EMerchants

Jersey City, NJ, July 10, 2008 - Comodo, a leading Certification Authority and security company today announced a new information risk and compliancy solution called Painless PCI. The foundation of this program is a free and intuitive web-based Wizard that provides customized, step-by-step, guidance for completion of the PCI Self Assessment Questionnaire (SAQ), a critical element of the compliance process. The Painless PCI program was specially developed for Level 3 and 4 merchants who conduct up to a million annual transactions. With this offer, eMerchants can achieve compliance with a personalized guide that will assist them throughout the often challenging PCI questionnaire and Data Security Standard.

The needs of smaller merchants are often overlooked when it comes to risk management and compliance solutions, even though they comprise over 90% of all merchants (Source: Greensheet). PCI compliance solutions are typically designed for the larger enterprise with the expectation that they will need to be "sized down" for the smaller merchant. This initiative reverses the business model with a specially designed tool to meet the needs of this large group of merchants.

Painless PCI Program Overview

The integrated program uniquely delivers PCI compliance expertise on security solutions and processes needed to efficiently achieve compliance. The free program is delivered within an intelligent web-based wizard that creates and manages a remediation plan based on each merchant's individual circumstance.

Elements of the program include:

• HackerGuardian PCI Compliance Wizard
  This innovative, intuitive, free, web-based application guides merchants through the PCI compliance process. The wizard helps eMerchants determine if they are PCI compliant and, if not, how to best achieve PCI compliance. The wizard provides:
  • Guidance through the Self Assessment Questionnaire (SAQ) - Provides step-by-step explanation of questions and terms as the eMerchant answers the SAQ
  • A custom company Remediation Plan that contains:
    • A list of remedial actions required for full PCI Compliance
    • A remediation planning tool enabling task prioritization and project management
    • Links to recommended products, information and services that will help a merchant resolve compliance issues
    • A ready-to-submit PCI DSS Self Assessment Questionnaire
• PCI approved Comodo Security Solutions
  Should a merchant require PCI compliant security solutions such as vulnerability scanning and SSL security, the Painless PCI Program identifies which solutions are required and can provide these solutions from Comodo, an Approved Scanning Vendor (ASV).

"Issues around compliancy and risk mitigation are rapidly becoming more critical for e-businesses to address", said Melih Abdulhayoglu, CEO and Chief Security Architect for Comodo. "Comodo has changed the model of how merchants can be supported in their critical compliancy and risk mitigation needs with our Painless PCI program. As a Certification Authority, it is important we actively support improving the level of compliance and security within the ebusiness community. The PCI Program makes PCI compliancy achievable and painless for virtually any online business."

For more information about this program, please visit www.hackerguardian.com.