Find Us
Pleasant Grove, Utah
Payment protection mobile image

Your Path To PCI Compliance

We are Protocol

Protocol is a data security company built on the belief that motivated individuals empowered with the right tools can make a difference in their lives and communities. We are dedicated to helping organizations of all sizes, validate and maintain compliance with data security standards while also eliminating unnecessary business risks.

Protocol is a PCI-ISA Sponsoring Organization, PCI-QIR, Visa certified Service Provider and PCI SSC Participating Organization. In addition, CEO Giles Witherspoon-Boyd is a member of the PCI SSC's global SMB task force, helping small and medium sized businesses organizations increase data security, technical knowlege.

In addition to Payment Card Industry Data Security Standards (PCI DSS), particular areas of focus are the Health Insurance Portability and Accountability Act (HIPAA), and National Institute of Standards and Technology (NIST), with others to follow

services we offer

Data Security Education

We are in the data security business; you are not. Protocol provides all the role-based training and creative data security education for your complete organization, allowing you to focus on what you do best; run your business. Additional video and content customization is available.

Platform Assisted Assessment

Managing data security requires having the right tools. Protocol is dedicated to providing innovative technology. Protocol Nexus helps you maneuver and manage your compliance requirements with ease and efficiency.

Custom Data Integration

Nexus eliminates silos of data by providing a single secure repository for all associated compliance documentation and evidence needed for PCI DSS validation. Validation of third party Service Provider compliance can be intergrated as well on demand or via a customized API schedule.

Meet Nexus

Life just got a lot simpler


With PCI DSS requirements now passing a decade since inception, many organizations still rely on the same standard SAQ documents and formats developed over a decade ago for their annual PCI compliance validation. These redundant compliance formats and solutions leave merchants dependent on unsecure spreadsheets or disjointed security point solutions to manage compliance initiatives and tasks.


While some compliance management solutions are simply repackaged versions of the same "check-box" focused compliance, Protocol Nexus is different. Nexus is built to provide a smart and innovative framework for organizations of all sizes to efficiently organize, manage and measure all organizational PCI compliance tasks and initiatives.

Why People Choose Us

  • Innovation

    Just as online tax services changed the tax return industry, Protocol’s Compliance as a Service has revolutionized PCI compliance.

  • Value

    Imagine greatly elevating your level of compliance and readiness, without greatly elevating your costs.

  • Time

    Save days, weeks and months of time and headache.

  • Reduce Risk

    Don’t just be compliant for a day, achieve and maintain Compliance.

  • 24/7 Support

    Hackers don’t sleep and neither do we. Need to chat? Give us a call, anytime!

  • Easy

    Compliance doesn't have to be rocket science. We make it simple.


“Selling to people is ineffective. Being someone’s trusted advisor is my preferred position."

Giles Witherspoon-Boyd
CEO, Protocol

"We need to change the way we think about data security, it’s no longer a check-the-box exercise, but it requires ongoing education and awareness and proactive approach."

Eric Brown
VP of Strategic Partnerships, Protocol

"We’ve built a user-interface that is focused on the end-user and automates clarifies tasks, simply and beautifully."

James Davis
Principal Architect, Protocol

Our Valued Partners

epaymints partner logo
Paladion partner logo
Payscout partner logo
Sophos partner logo