When: May 11 | 2011 View Webinar
This session will focus on the value of internal tokenization in reducing scope and potential audit costs at the datacenter, with a specific focus on post-payment applications, databases, loyalty tracking systems, data warehousing, and business applications.
Internal tokenization contrasts with external tokenization, which involves third-parties, brands and additional vendors. Instead, internal tokenization allows enterprises to own and control their own tokens, avoiding migration issues and increasing choice. The presentation will focus on general concepts around internal tokenization, including specific examples of internal tokenization seen in different datacenter applications.
· Learn the difference between external and internal tokenization.
· Learn how to address more than 200 PCI DSS compliance requirements with a single solution.
· Maintain control over your own tokens and avoid payment processor lock-in.
· Tokenize customers' credit card data to reduce PCI scope and risk
· Understand the controls and protection around the secure vault
· Maintain auditable security policies in a single, hardened form-factor, allowing for future review and change control.
Moderator: Brandon Dunlap Panel: John Kindervag (Forrester), Blake Dournaee, and Ulf Mattsson.
Brandon Dunlap is the Managing Director of research at Brightfly. He has more than 15 years of experience managing business technology risk in large and small organizations. He has served in a variety of roles across heavily regulated industries, successfully leading all aspects of IT security programs, including policy and procedure management, oversight and control, strategy, architecture, development, and training. Currently, he is the Managing Director of Research of Brightfly, an independent, advisory and research firm that focuses on building a collaborative IT practitioner communities and bridging the gaps within information technology, security, risk, compliance, and audit disciplines.
John Kindervag is a Senior Analyst at Forrester serving Security & Risk professionals. He is a leading expert on wireless security, network security, security information management, and PCI data security. John is a 25-year veteran of the high-tech world. He holds numerous industry certifications including CISSP, CEH, QSA, and CCNA. Prior to joining Forrester, John was the senior security architect with security consultancy Vigilar, and he started the security practice for a Cisco Gold VAR, Flair Data Systems, where he was a principal security consultant. He has particular expertise in the areas of wireless security, intrusion detection and prevention, and voice over IP hacking. He has been interviewed and published in numerous magazines including Hospitality Technology Magazine, SecurityFocus.com, and Techtarget.com. John has spoken at many security conferences and events including ToorCon, ShmoCon, and InfoSec World.
Blake Dournaee is currently the product manager responsible for Intel® Expressway Service Gateway, including our Intel® Expressway Tokenization Broker product. As a product manager at Sarvega, he was deeply involved in the development of their flagship XML security, routing and acceleration appliance products. Blake was a specialist in applied cryptography applications at RSA Security and a frequent speaker at RSA conferences throughout the US and Europe. Blake is an established author who wrote the first book on XML Security and co-authored "SOA Demystified" from Intel press. For additional information about Tokenization Broker, please visit us Intel's PCI Solutions Web page.
Ulf Mattsson, CTO at Protegrity. Ulf created the innovative architecture of the Protegrity database security technology. Prior to joining Protegrity, he worked 20 years at IBM in software development as a consulting resource to IBM's Research organization, specializing in the areas of IT Architecture and IT Security. He is the inventor of more than 20 patents in the areas of Encryption Key Management, Policy Driven Data Encryption, Internal Threat Protection, Data Usage Control and Intrusion Prevention. He is a research member of the International Federation for Information Processing (IFIP) WG 11.3 Data and Application Security, ANSI X9, Information Systems Security Association (ISSA) and Information Systems Audit and Control Association (ISACA). Ulf received a master's degree in physics in 1979 from Chalmers University of Technology in Sweden, and holds degrees in electrical engineering and finance.