
Payment Card Industry Data Security Standard (PCI DSS)

The Payment Card Industry Data Security Standard (PCI DSS) establishes standard requirements for protecting cardholder information. It applies to all entities that store, process or transmit cardholder data, such as retail merchants, payment processors and banks. PCI DSS took effect in January 2005 after being co-written by VISA and MasterCard and endorsed by other leading card providers.

There are 12 requirements for PCI DSS compliance, grouped into six IT control objectives. Each outlines a different area of security best practices, ranging from information security policy development to assessment and monitoring of threats, vulnerabilities and misconfigurations.

In October 2008, the PCI Security Standards Council released version 1.2 of PCI DSS. This release did not introduce any new requirements beyond those in version 1.1, but it contained several general and specific changes for clarification and explanatory purposes.

Some examples of the language and key challenges in PCI DSS v1.2 that NetIQ solutions address include:

  • PCI DSS Requirement 2.2: Develop configuration standards for all system components.
  • PCI DSS Requirement 4: Encrypt transmission of cardholder data across open, public networks.
  • PCI DSS Requirement 6.1: Ensure that all system components and software have the latest vendor-supplied security patches installed.
  • PCI DSS Requirement 7: Restrict access to cardholder data by business need-to-know.
  • PCI DSS Requirement 8.5: Ensure proper user authentication and password management for non-consumer users and administrators on all system components.
  • PCI DSS Requirement 10.5: Secure audit trails so they cannot be altered.
  • PCI DSS Requirement 11.5: Deploy file integrity monitoring software to alert personnel of unauthorized modification of critical system files, configuration files, or content files; and configure the software to perform critical file comparisons at least weekly.
  • PCI DSS Requirement 12: Maintain a policy that addresses information security for employees and contractors.


The NetIQ Solution

NetIQ's award-winning, industry-recognized solutions can help establish and ensure that the 12 requirements of PCI DSS v1.2 are met on a continuing basis. Specific products that assist with PCI DSS compliance efforts include:
