Contact Us

PCI Compliance Suite

Making the process easy to ensure your network is PCI-compliant.


As the cybersecurity threat continues to grow, nothing is more important than keeping your customers’ data secure. Doing so not only protects your customers, it also protects your business and your reputation. This is especially true for merchants in the retail, restaurant, and retail petroleum industries where ensuring their networks are PCI-compliant has become a main priority.

PCI Data Security Standard (PCI DSS) compliance is ultimately about establishing compliance and maintaining data security. For merchants, often with limited IT resources, knowing how to become compliant and then staying compliant, can be a difficult and time-consuming task. 

The new Hughes PCI Compliance Suite is designed to help you make the PCI compliance process easier so you can focus on your business without worrying about the status of your compliance.

PCI Compliance Portal: 

Hughes has brought together industry-leading PCI tools that can be accessed via an easy-to-use and mobile-friendly PCI Compliance Portal. Through the portal, you can access a Self-Assessment Questionnaire (SAQ) Wizard and comprehensive training courses. The portal also provides the ability to check the status of your vulnerability scans. Everything is just one click away for your review and peace of mind.

Self-Assessment Questionnaire Wizard: 

The required first and most crucial step in the PCI compliance process is to complete a Self-Assessment Questionnaire. Typically, the SAQ submission process is the most arduous task to gain and maintain PCI compliance. Hughes makes this step simple by giving you access to an easy-to-use online SAQ Wizard. You are guided through the necessary questions for your business in a simple step-by-step process. If you have any questions during the SAQ, Hughes offers extensive support via phone, email and online chat.

Breach Protection: 

For even greater peace of mind, Hughes offers you a PCI breach-related reimbursement program. Specific terms and conditions apply and are available upon request.

External Vulnerability Scanning: 

Hughes offers a PCI External Vulnerability Scanning service to help your business quickly and easily address the critical vulnerability scanning PCI requirement. Hughes will help you scan your network perimeter to check for cross-site scripting, SQL injection, remote file inclusion and many other application and network-based vulnerabilities. The Hughes scanning service provides information needed to help with remediation and compliance efforts.


Contact us or call 888-320-7862 for more information.

Hughes PCI offering graphic

When it comes to network security, how do I get started?


An important place to start for any retailer or business processing credit card transactions is with Payment Card Industry (PCI) compliance. In the event of a breach, if your network is not PCI compliant, you will be responsible for any resulting losses. PCI was designed with 6 goals in mind:

  • Goal 1: Build and maintain a secure network.
  • Goal 2: Protect cardholder data.
  • Goal 3: Maintain a vulnerability management program.
  • Goal 4: Implement strong access control measures.
  • Goal 5: Regularly monitor and test networks.
  • Goal 6: Maintain an information security policy.

Together, these goals provide a framework for how to tackle network security. The specific PCI requirements offer detailed implementation guidance. While achieving PCI compliance is a good starting point, it’s not a final destination. As threats evolve, you must continue to do all you can to protect your business.

Hughes can help you transition to PCI 4.0


  • Hughes is a certified 4.0 compliant service vendor.
  • Hughes will validate that the customized controls meet the PCI DSS requirements by reviewing the entity's customized approach documentation (including a controls matrix and targeted risk analysis) and developing a procedure for validating the controls.
  • Hughes can help with updated password requirements.
  • Hughes understands new requirements around shared, group, and generic accounts.
  • Hughes can help with new requirements that have been implemented to prevent and detect new and ongoing threats against the payment industry, including phishing, e-commerce, and e-skimming attacks.
  • Finally, Hughes has made enhancements to the self-assessment questionnaire (SAQ) to help guide organizations when self-attesting and assessors when documenting results.