JUST EAT plc (“JUST EAT”), the world’s leading online and mobile marketplace for takeaway food, has deployed SureCloud’s PCI Compliance Manager application to manage and monitor its compliance with PCI DSS requirements internationally, enabling the company to undertake targeted remediation to ensure continual PCI compliance.
Using the SureCloud application, built on the SureCloud Platform infrastructure, JUST EAT has replaced its previous spreadsheet based, manual monitoring processes, to collate and report on compliance with PCI standards in real time, enabling staff to remediate any issues that arise across the 15 countries in which it operates. PCI Compliance Manager has enabled the company to streamline reporting processes and simplify data collection for auditing purposes.
JUST EAT has also integrated SureCloud’s cloud solution with existing systems and infrastructure, enabling it to monitor and store Approved Scanning Vendor (ASV) audits simultaneously in the SureCloud Platform. Following the success of the initial deployment JUST EAT plans to fully automate its PCI compliance monitoring through the Platform later this year.
Shan Lee, Head of Information Security at JUST EAT, commented: “Previously we had been manually inputting PCI compliance data from all our sites across 15 countries into spreadsheets, which was time consuming and difficult to use when reporting to both auditors and our board. Using SureCloud’s PCI Compliance Manager application we have been able to simplify our reporting and auditing processes, enabling us to monitor and ensure compliance continually. We now have high visibility of our compliance status from the reporting that application delivers and the overall simplicity of the solution has greatly improved efficiency.”
In addition to deploying the solution, JUST EAT has also appointed SureCloud as one of its approved penetration testing suppliers, feeding results from across the organisation back into the Platform, for assignment of remediation responsibilities to key individuals.
“We have been impressed with how the SureCloud Platform integrates with a wide range of systems and the advanced functionality it delivers for centralising all of our reporting,” Lee added. “In addition to this, the ongoing consultation and support that SureCloud provides has delivered a flexible, tailored offering that gives us greater insight into what is happening on our networks, ensuring we can remediate any issues quickly to maintain ongoing compliance with a range of requirements and standards.”
SureCloud Platform provides clients with automated GRC processes as well as other functionality including Event Management and Vulnerability Scanning. Using the platform SureCloud customers can also manage security testing outputs via the Vulnerability Management Application within the SureCloud Platform as well as delivering traditional penetration test reports.