Payment Security

This paper covers the basic requirements of PCI, with a focus on the administrative and technical elements of the program. It also reviews the validation requirements of the standard and potential sanctions for failure to comply.

The Payment Card Industry Data Security Standard (PCI DSS) is a global security program created to increase confidence in the payment card industry and reduce risks to PCI members, merchants, service providers and consumers. It was developed by the major credit card companies as a guideline to help organizations that process card payments prevent credit card fraud.

Javelin Strategy & Research, March 2007, Pages: 35

In light of the TJX saga, issuers will no longer passively accept the costs incurred from lost cardholder data that is no fault of their own. Merchants, on the other hand, view PCI compliance as costly and burdensome, and of little value beyond "compliance". Rather than point fingers and assess blame, all industry participants must understand the necessary steps to secure cardholder data efficiently and cost effectively.

This whitepaper discusses how creating a secure access control infrastructure in heterogeneous Unix/Linux environments supports the Payment Card Industry Data Security Standard (PCI DSS). Symark PowerBroker controls access to systems and cardholder data, and creates comprehensive logs and audit trails. Various tables show PowerBroker's functionality mapped to the PCI DSS requirements.

Learn about the validation requirements of the payment card industry's data security standard (PCI DSS), including administrative and technical elements of the program, and the potential sanctions for failure to comply.

Javelin Strategy & Research, June 2009, Pages: 49

The Payment Card Industry Data Security Standard (PCI DSS) raises the high water mark for data security. But there's a persistent myth that PCI compliance equals security. The reality is that PCI is only a baseline, and one that needs to be monitored constantly as the threat landscape changes. In the months following what may be the largest data breach in U.S. history at Heartland Payment Systems®, many people are wondering if PCI is effective.

How do organizations pass their PCI DSS audits yet still suffer security breaches? Paying attention to PCI DSS checklists only partially secures the cardholder environment.

Establish and Maintain Secure Cardholder Data with IBM Payment Card Industry Solutions.

World Firewall Management Solutions Market

Frost & Sullivan, May 2009, Pages: 74

Regulatory Compliance and the Need for Efficient Corporate Governance

Due to the sensitive nature and potential ramifications of information being lost, local, state, and federal governments have enacted legislation and regulations to protect computerized information. Examples of such regulations include the Sarbanes-Oxley Act (SOX), the Health Insurance Portability and Accountability Act (HIPAA), and the Payment Card Industry Data Security Standard (PCI-DSS) requirements.

Learn how to align PCI compliance with business processes for a more streamlined and reliable IT infrastructure with this whitepaper from the IT Compliance Institute.

Javelin Strategy & Research, Nov 2007, Pages: 26

Safeguarding customer data is a necessary component of good business practice, yet the number of breached accounts is at an all-time high. Data security has not been given front-line priority, and as a consequence an environment of mistrust of the card ecosystem has developed among consumers, merchants, acquirers, and issuing banks. To stem this tide, the payment networks have responded with a renewed emphasis, harsher penalties, and more specific deadlines for Payment Card Industry Data Security Standard (PCI DSS) compliance.
