Your SlideShare is downloading. ×
0
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
PCI in the Franchise System – People, Processes and Technology
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

PCI in the Franchise System – People, Processes and Technology

428

Published on

Businesses worry about security breaches but often fail to look at Payment Card Industry Data Security Standard (PCI DSS) compliance as whole, centering their attention on their technology only. The …

Businesses worry about security breaches but often fail to look at Payment Card Industry Data Security Standard (PCI DSS) compliance as whole, centering their attention on their technology only. The other two aspects of PCI DSS, people and processes, are ignored, leading the company vulnerable to possible security attacks.

Three Pillars:
++Technology. Most companies have a secure firewall, and believe that they are PCI compliant. Building a secure network is only one of the twelve requirements of PCI DSS.
++People. Sensitive data, whether a credit card number or a customer’s address, should be treated like cash. Mishandling=money loss.
++Process. PCI is not a “set it and forget it” process. Implementing regular maintenance and a security policy are part of ongoing process of PCI DSS.

The webcast will explore more of the people and process requirements, and how ANX can quickly implement an all-in-one solution to the three pillars. Having ANX as your PCI DSS solutions frees up resources and ensures that the ever changing security threats are managed.

Published in: Economy & Finance, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
428
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. The Three Pillars of PCI:A Solid Foundation forFranchise Systems .com
  • 2. THE THREE PILLARS OF PCILogistics All lines are in listen-only mode. We will answer questions at the end of the event. But feel free to ask questions at any time. A link to the webinar recording will be e-mailed shortly after the event, and it will be available on-demand at: www.anx.com Every attendee receives One attendee will receive a All series attendees will be a $5 Starbucks Gift Card $50 Amazon.com Gift Certificate Entered to win a Kindle Fire CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 3. THE THREE PILLARS OF PCIPresenter GLENN MOORE Vice President, Marketing CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 4. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 5. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 6. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 7. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 8. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 9. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 10. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 11. THE THREE PILLARS OF PCIMerchant Levels Merchant Level # of Credit Card Transaction Annually 1 + 6 million 2 1 - 6 million 3 20,000 - 1 million 4 < 20,000 CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved. 11
  • 12. THE THREE PILLARS OF PCILevel 4 Merchants the Target of Choice Level 1-3 10% RISK LEVEL Level 4 90% CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved. 12
  • 13. THE THREE PILLARS OF PCICost of a Security Breach$204 per record Level 4 90% Ponemon Institute CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved. 13
  • 14. THE THREE PILLARS OF PCICost of a Security Breach Loss of Productivity Loss of Customer Loyalty Legal Action Level 4 Unfavorable Media Coverage 90% Customer Turnover CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved. 14
  • 15. THE THREE PILLARS OF PCIEffects on brand Level 4 A data breach at just one location can 90% result in a 12% reduction in brand value CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved. 15
  • 16. THE THREE PILLARS OF PCIEffects on Brand Level 4 90% Average 1 year to restore brand reputation CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved. 16
  • 17. THE THREE PILLARS OF PCI LackLevel Four TechnicalMerchants Staff and Resources Level 4 90% CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved. 17
  • 18. THE THREE PILLARS OF PCICorporate’s Role Tracking ToolsInvolvement Help 90% Level 4 CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved. 18
  • 19. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 20. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 21. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 22. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 23. THE THREE PILLARS OF PCI44% Use vendor-supplied passwords and default CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 24. THE THREE PILLARS OF PCI Training – PCI – Safe information handling CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 25. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 26. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 27. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 28. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 29. THE THREE PILLARS OF PCI Firewall UTM WiFi CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 30. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 31. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 32. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 33. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 34. THE THREE PILLARS OF PCI 48% Companies properly monitor and log all access to network and cardholder data CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 35. THE THREE PILLARS OF PCIIndividual Passwords Removing DefaultManaged & Updated Build CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 36. THE THREE PILLARS OF PCI PCI DSS Requirement 12 Maintain a policy that addresses information security CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 37. THE THREE PILLARS OF PCI 39% Fully Meet Requirement 12 CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 38. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 39. THE THREE PILLARS OF PCI CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 40. THE THREE PILLARS OF PCIWhat Can You Do?Need easy to usePCI Compliance Tools CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 41. THE THREE PILLARS OF PCIWhat Can You Do? Highly responsive customer service • U.S. based • Available hours • Highly trained CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 42. THE THREE PILLARS OF PCIWhat Can You Do? Customer Support For Level 4 Merchants CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 43. THE THREE PILLARS OF PCI How can Help? CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved.
  • 44. THE THREE PILLARS OF PCI .comFully managed securitysolutions featuring leading edgesecurity technology and expertsupport Powerful Software-as-a- Service solutions to simplify compliance and risk management Fully managed connectivity solutions to help business communities securely collaborate CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved. 44
  • 45. THE THREE PILLARS OF PCI .com One Affordable Monthly ChargeManaged Data Breach PCI Support RemoteSecurity Protection Access CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved. 45
  • 46. THE THREE PILLARS OF PCI .comIdentify and track applicable regulations and internal standardsConduct annual assessments (e.g. SAQ, ROC)Meet annual PCI DSS training requirements (12.6.1, 12.6.2)Perform quarterly external vulnerability scansTrack compliance status throughout the yearIdentify control deficiencies & prioritize them based on risk methodologyManage remediation & chart progress towards organizational objectives CONFIDENTIAL | ANXeBusiness Corp. | 5/1/2012 | © 2011 ANXeBusiness Corp. All rights reserved. 46
  • 47. THE THREE PILLARS OF PCI .com A Full Set of Tools for Franchise Networks PCI Consulting Packages PCI Foundation PCI Implementation PCI Validation PCI Maintenance - PCI Report on - Annual TruPCI Compliance Subscription - PCI Gap Analysis & - Annual TruPCI - Penetration Testing Recommendations Subscription - Payment App Pen - PCI Guidance Services - Guidance Services - OR - Test - PCI Policy - Implementation - Selection and - Quarterly Scanning Development Services Completion of SAQ - eLearning - Annual TruPCI - PCI Guidance - UTM Device Subscription Services Management - Annual TruPCI - Security Device Subscription Management CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved. 47
  • 48. THE THREE PILLARS OF PCI .com To Learn More About ANX E-mail us at Call us sales@anx.com 877-876-6920 Or visit us at .com CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved. 48
  • 49. THE THREE PILLARS OF PCIDrawing and Questions E-mail us atsales@anx.com Call us 877-876-6920 www.facebook.com/anxebusiness Or visit us at .com anx CONFIDENTIAL | www.ANX.com | 5/1/2012 | © 2012 ANXeBusiness Corp. All rights reserved. 49

×