Case Study: Terra Dotta Achieves PCI Compliance and Trusted-Provider Status with ControlScan

ControlScan Helps Terra Dotta Achieve Trusted-Provider Status

Terra Dotta, a provider of SaaS software for higher education, needed to strengthen its privacy, security, and PCI compliance posture as universities demanded greater assurance around sensitive student and payment data. As PCI DSS v3.0 expanded the scope of e-commerce redirects, Terra Dotta’s compliance obligations increased, making it important to prove out security practices and reassure customers. ControlScan worked with Terra Dotta as a PCI Qualified Security Assessor (QSA) to help address these challenges.

ControlScan performed a PCI gap analysis and guided Terra Dotta through reconfiguring its network, hardening its environment, and tightening access to sensitive data systems, while also resolving compliance questions involving its hosting provider. The result was PCI Level 1 Service Provider certification, completed a day ahead of schedule, plus a simpler security environment and greater confidence in payment security. With ControlScan’s help, Terra Dotta now answers security questionnaires more easily, moves through sales faster, and has seen improved sales uptake and smoother future audits.

Terra Dotta

Garrett Christian

CTO & Co-Founder