We’re Canada’s Largest Dedicated
PCI Compliance Company
If you accept credit cards as a form of payment, then you need to care about compliance. PCI compliance doesn’t have to be confusing, time consuming and costly – that is, when you have the right company on your side. Control Gap helps you get compliant and stay compliant quickly and effectively!
Trusted by fortune 500 companies, Control Gap is the largest PCI Compliance firm in Canada. We provide customized solutions that you can depend on.
Quick and Easy
Our certified experts make getting compliant easy, leaving you more time to get back to what you do best – running your business.
There are many ways to get compliant, we focus on the compliance solution that makes the most sense for your organization.
Effective and Affordable
We use multiple approaches, technologies and assessment tools; where there’s a simpler, more cost-effective way to do something, our clients are the first to know.
Tired of being confused by compliance?
Contact us today and learn more about how we can help you
Get Compliant. Stay Compliant.
Or Call: 1 (866) 644-8808
What is PCI Pilot™?
PCI Pilot™ is a web-based application that’s FREE to start! The app focuses on helping smaller and medium-sized businesses simplify and speed up the PCI compliance process by automating the SAQ (Self-Assessment Questionnaire) via an online tool.
Learn More About PCI Pilot™
Why Control Gap?
- We save you time and money
- We help you avoid fines and potential punitive action
- We make compliance understandable
- We are current with all legislation and standards so you don’t have to be
- We are your go-to expert for all your compliance questions and issues
Credentials and Affiliations
- Certified Ethical Hackers (CEH)
- Checkpoint Certified System Engineers (CCSE)
- Certified Technical Trainers (CTT)
- Certified Information Systems Security Professionals (CISSP)
- Certified Information Systems Auditors (CISA)
- ISO/IEC 27001 Lead Auditor
- Qualified Security Assessor Company (QSAC)
- Payment Application Qualified Security Assessor (PA-QSA)
- Point to Point Encryption Solutions (P2PE QSA)
- Point to Point Encryption Applications (P2PE PA-QSA)
Read More Customer Experiences
Control Gap helped our staff to better understand the audit process & its objectives. We look forward to engaging Control Gap in the future.
(Vice President Technical Services, AJB Software)
We were impressed with Control Gap’s flexibility. They worked around us and they got the job done.
(Founder & CTO, Hosted PCI)
They patiently guided us through the entire audit process and we found them easy to work with, vendor neutral & focused on helping.
(Manager of Information Security & Compliance, Threshold Financial Technologies)
This Week’s [in]Security – Issue 107
April 15 2019
Welcome to This Week’s [in]Security. This week: PCI in 2019, PCI card production, NIST killing of TDES, hotel breaches, Yahoo settlement, Canadian breach reporting, consent and cross-boarder data, dark design patterns, fine for cooperating with ICE, Android as 2FA, securing email, malicious zero-day disclosures, the latest phishing campaigns, Assange arrested, blocking big tech, spreadsheet risks
NIST is Sunsetting Triple DES – so what will the Financial Industry do?
April 9 2019
NIST recently published a document “Transitioning the Use of Cryptographic Algorithms and Key Lengths” which formalizes the sunset of Triple DES by the end of 2023. Afterwards it will only be recommended for legacy use which means decryption only. Triple DES (aka TDEA/TDES) is used to protect Web Sites, Virtual Private Networks, remote sessions, e-commerce