Morning Andrew, You can certainly follow through on hiring a cracker to break in to your company server. But, in my opinion, the place to begin — if you haven't already done so — is to set up a contract with a company that does quarterly PCI compliance scanning, such as ControlScan, SecurityMetrix, or McAfee Secure. They'll scan your server, issue you a report and you can have your IT person implement any necessary server software upgrades and/or patches required to meet PCI compliance. You can certainly setup your plan to scan your server more frequently, if needed. Best, Kimo AZURELINK :: "Simply Connected!" ------------------------------------------------------------------------------- Web Site Design & Scalable, Managed Web Hosting Joomla! Content Management System Implementation eCommerce Development ------------------------------------------------------------------------------- 321 Main Street, Suite 4 Amherst, MA 01002 (413) 549-2020 For more information, please visit: www.azurelink.com Follow Azurelink on Twitter: http://twitter.com/azurelink ------------------------------------------------------------------------------- On Jul 4, 2011, at 5:27 PM, andrew at stakeholderscapital.com wrote: > ** Be sure to fill out the survey/skills inventory in the member's area. > ** If you did, we all thank you. > > > We would like to get estimates from firms who try to hack through security. > > If you do this, please contact me. > > Thanks, > Andrew > Sent from my BlackBerry® smartphone, powered by CREDO Mobile.