Secure Computing launches New PCI Initiative
February 2008 by Emmanuelle Lamandé
Secure Computing Corporation unveiles the company’s new Payment Card Industry (PCI) Initiative, a multi-faceted program aimed at providing global organizations with the information, tools and best-of-breed solutions they need to comply with the new PCI Data Security Standard (DSS). Deadline dates for compliance are imminent, with the first 6.6 requirement of installing an application-layer firewall in front of all Web-facing applications taking effect June 30, 2008.
Key components of the initiative are education and expert resources, commencing with a PCI compliance Webinar on Thursday, Jan. 31, 2008 featuring guest speaker Chris Christiansen, vice president of Security Products and Services, IDC. A dedicated Secure Computing Website has also been developed to help educate organizations about the 12 major PCI requirements and provide information on how security solutions and best practices can help them comply with the new standard.
Secure Computing also offers a suite of comprehensive solutions to help organizations comply with the new standard, including Sidewinder®, its award-winning network and application-layer firewall that fulfills the first requirement by defending networks and Internet-facing applications from all types of known and unknown malicious threats.
PCI DSS is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information. PCI DSS was created jointly in 2004 by Visa, MasterCard, Discover and American Express. It clearly outlines the 12 key requirements with which companies processing, storing, or transmitting payment card data must comply or risk losing their payment processing abilities. Merchants and payment card service providers must validate their compliance periodically with auditors.
Secure Computing’s PCI Solutions and Website
With the deadline dates for compliance with PCI DSS looming, payment processing companies must implement solutions to protect their customers’ personal data. Secure Computing offers a suite of integrated and secure solutions to help companies comply with all of the PCI requirements in the following ways:
• Secure Computing Sidewinder® satisfies both PCI requirements for network and application firewalls with one comprehensive solution, enabling organizations to comply with the 6.6 requirement by the June 30, 2008 deadline
• Secure Computing SnapGear® provides cost effective VPN security for retail stores, franchises or any point-of-sale deployment
• Secure Computing SafeWord® provides strong authentication for remote and admin access for in-scope PCI systems
• Secure Computing IronMail® automatically discovers and encrypts or blocks emails containing Primary Account Number (PAN) based on policy
• Secure Computing Webwasher® helps prevent phishing and other malware attacks targeting PANs and user data These solutions also help ease the burden of compliance with many other industry regulations, including the Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley Act of 2002 (SOX), and more.
Secure Computing has also developed a dedicated PCI Website to provide organizations with information on the 12 major PCI requirements, best practices and solutions for compliance, expert opinions, current news on the topic and a directory of other resources.
PCI Security Standards Council
As part of its initiative, Secure Computing is actively participating in the PCI Security Standards Council, an open global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection. The PCI Security Standards Council’s mission is to enhance payment account data security by fostering broad adoption of the PCI Security Standards. The organization was founded by American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International. Participating organizations have an opportunity to influence the direction of PCI standards through active involvement in community meetings, advance review of drafts of standards and supporting materials, and regular dialogue with key stakeholders.