Accelerating PCI Compliance




Accelerating PCI Compliance
PCI Compliance for B2B Managed Services
March 8, 2016

What's the Issue?

Credit Card Data Breaches are Expensive for Everyone
The Wall Street Journal

OpenText Confidential. 2016 All Rights Reserved.

PCI Compliance for Managed Services

[Diagram labels: Buyer; Retail Storefront; Retail Website; Supplier; Card Processor; Financial Institution; Purchase Order with PCI; Credit Card Payment with PCI; Debit Card Payment with PCI]

Firewall configuration employed
No vendor-supplied defaults for system passwords
Stored data protected by encryption using Oracle Transparent Data Encryption and encryption key management provided by Oracle Wallet
In-flight transmission of cardholder data encrypted
PCI token to replace PAN
Other PCI data masked
Regularly updated antivirus software
Secure systems and applications
All network access tracked and monitored
Regular system and processes tests

How We Deliver Compliance

[Diagram labels: Token; B2B Managed Services; PCI Data Tokenized; Tokenized data processed through Trading Grid; Original Data Restored for Delivery; Encrypted Store]

Customer's B2B Managed Services implementation never sees the original data!

CC# can be tokenized to 12 random digits + last 4 digits.

No map changes required!
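The token format on this slide (12 random digits followed by the card number's last 4 digits), sketched as an added Python example that is not OpenText's code: the token has the same length and character set as the card number, so a fixed-width record keeps its layout, which is why no map changes are needed. The 16-digit card length, the record layout, `TokenVault`, `ingest` and `deliver` are assumptions made for illustration, and plain dictionaries stand in for the encrypted store.

```python
import secrets

# Constructed fixed-width record: order id (8) + card number (16) + amount (8).
SAMPLE = "ORD00042" + "4111111111111111" + "00012999"  # well-known test PAN
CARD = slice(8, 24)

class TokenVault:
    """PAN -> 12 random digits + last 4 of the PAN, reversible via a lookup store.

    Assumption: plain dicts stand in for the encrypted store on the slide.
    """
    def __init__(self):
        self._pan_by_token = {}
        self._token_by_pan = {}

    def tokenize(self, pan):
        if not (pan.isascii() and pan.isdigit() and len(pan) == 16):
            raise ValueError("expected a 16-digit card number")
        if pan in self._token_by_pan:   # assumption: one stable token per PAN
            return self._token_by_pan[pan]
        while True:
            head = "".join(secrets.choice("0123456789") for _ in range(12))
            token = head + pan[-4:]
            # Retry on a collision or on the rare draw that reproduces the PAN.
            if token != pan and token not in self._pan_by_token:
                break
        self._pan_by_token[token] = pan
        self._token_by_pan[pan] = token
        return token

    def detokenize(self, token):
        return self._pan_by_token[token]   # KeyError for an unknown token

def ingest(record, vault):
    """Swap the PAN for its token before any processing happens."""
    return record[:8] + vault.tokenize(record[CARD]) + record[24:]

def deliver(record, vault):
    """Restore the original PAN only at the delivery step."""
    return record[:8] + vault.detokenize(record[CARD]) + record[24:]

if __name__ == "__main__":
    vault = TokenVault()
    inside = ingest(SAMPLE, vault)
    print("processed as:", inside)        # same layout, token in card field
    print("delivered as:", deliver(inside, vault))
```

The store that maps tokens back to card numbers still holds cardholder data, so it is the component that needs the encryption, key management and access controls.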

Key Benefits

Ensure a secure network: OpenText's world-class data centers ensure networks, firewalls, and routers comply with PCI DSS standards, without investing in additional infrastructure.

Protect cardholder data: Render Primary Account Number (PAN) unreadable and easily mask other personally identifiable data with a PCI token.

Encrypt transmission of cardholder data: Safely transmit sensitive cardholder data with strong encryption for authentication and transmission.

Maintain a vulnerability management program: Protect against malicious attacks with regular updates to anti-virus software and the latest security patches.

Implement strong access control standards: OpenText manages access control with restricted system access, robust user security protocols and limited physical access to systems in the cardholder data environment.

Track and monitor networks: OpenText tracks and monitors access to network resources, regularly performs penetration testing, and maintains a strong information security policy.

Delivering Return-on-Investment

Reduce costs: Eliminate the need to invest in additional infrastructure, maintenance and personnel to support cardholder data protection in your B2B network.

Minimize disruption: No modifications to existing file layouts or data maps are required to protect personally identifiable cardholder data elements.

Limit PCI audit scope: Outsourcing cardholder data protection limits the number of PCI requirements for your organization.

Keep current: OpenText manages software updates, implements annual encryption key changes and stays abreast of the latest revisions to PCI data security standards.

Simplify complexity: OpenText Managed Services compliance is your single-source provider for B2B outsourcing combined with cardholder data security.