Vormetric data security  complying with pci dss encryption rules
Upcoming SlideShare
Loading in...5
×
 

Vormetric data security complying with pci dss encryption rules

on

  • 958 views

Download the whitepaper 'Vormetric Data Security: Complying with PCI DSS Encryption Rules from http://www.vormetric.com/pci82 ...

Download the whitepaper 'Vormetric Data Security: Complying with PCI DSS Encryption Rules from http://www.vormetric.com/pci82

This whitepaper outlines how Vormetric addresses PCI DSS compliance; it addresses Vormetric's position relative to the Payment Card Industry Security Standards Council's (PCI SSC) guidance on point-to-point encryption solutions. The whitepaper also features case studies of PCI DSS regulated companies leveraging Vormetric for PCI DSS compliance and maps PCI DSS requirements to Vormetric Data Security capabilities.

Vormetric Data Security helps organizations meet PCI DSS compliance demands with a transparent data security approach for diverse IT environments that requires minimal administrative support and helps companies to meet diverse data protection needs through an easy to manage solution.
For more information, join: http://www.facebook.com/VormetricInc
Follow: https://twitter.com/Vormetric
Stay tuned to: http://www.youtube.com/user/VormetricInc

Statistics

Views

Total Views
958
Views on SlideShare
955
Embed Views
3

Actions

Likes
1
Downloads
18
Comments
0

1 Embed 3

https://twitter.com 3

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Data exists in different formats, states, and locations, including unstructured file systems, structured database systems, and physical, public, private and virtual cloud environments. A comprehensive data security strategy is needed to protect sensitive data and meet industry compliance requirements including: The Hippa HITECH Act, UK Data Protection Act, South Korea’s and Taiwan’s Personal Information Protection Act, PCI DSS
  • The Payment Card Industry Data Security Standard mandates that companies take appropriate steps to safeguard sensitive cardholder payment information
  • PCI DSS 2.0 consists of 12 security standards including: Protecting Cardholder Data Implementing Strong Access Control Measures And Regularly Monitoring and Testing Networks while Maintaining an Information Security Policy
  • With the release of PCI 2.0 the encryption of data will become even more crucial for merchants
  • However, even with these stringent requirements in place, only 21% of companies were PCI compliant as of 2011
  • With Vormetric, you can rest assured knowing that your company will meet these requirements and ensure that your cardholder information is safe. Vormetric not only protects stored cardholder information, but also restricts access to data and tracks and monitors all access to network resources.
  • PCI DSS Requirement 3 requires that all stored cardholder information is protected with Vormetric, stored data is protected through encryption and access control.
  • Comply with PCI DSS Requirement 7 by implementing strong access control measures with an access control-based decryption policy.
  • You now also have the ability to comply with PCI DSS Requirement 10 through auditing and tracking capabilities, as well as the ability to protect both system-generated and Vormetric-generated audit logs.
  • Listen to what our customer’s are saying: It’s the perfect solution for meeting PCI DSS requirements. It’s one of the easiest products to implement I’ve ever used.
  • Vormetric has had a long history of supporting PCI Compliance, dating back to 2006 and including customers such as Green Dot, MetaBank, and the Aviation Reporting Corporation.
  • Vormetric Encryption Expert Agents are software agents that insert above the file system logical volume layers. The agents evaluate any attempt to access the protected data and apply predetermined policies to either grant or deny such attempts. This is a proven high-performance solution that transparently integrates into: Linux, UNIX, and Windows operating systems   to protect data in physical, virtual, and cloud environments. across all leading applications, databases, operating systems, and storage devices.
  • Want to learn more? Visit www.vormetric.com/pci82 to download the complying with PCI whitepaper.

Vormetric data security  complying with pci dss encryption rules Vormetric data security complying with pci dss encryption rules Presentation Transcript

  • Proven PCI Compliance with Stronger Data Protection Prevent loss of sensitive data with highly secure server encryption and key management.www.Vormetric.com
  • Data is Everywhere Public Cloud Virtual & Private Unstructured Data ( AWS, RackSpace, Smart Cloud ( Vmware, Citrix, File Systems Cloud, Savvis. Terremark) Hyper-V) Office documents, PDF, Vision, Audio… Remote Business Application Locations Systems (SAP, PeopleSoft, Oracle Security & & Systems Financials, In-house, CRM, Other Systems eComm/eBiz, etc.) (Event logs, Error logs Application Server Cache, Encryption keys, & other secrets) Security Systems Storage & Backup Systems SAN/NAS Backup Systems Data Communications Structured Database Systems VoIP Systems (SQL, Oracle, DB2, Informix, MySQL) FTP/Dropbox Server Database Server Email ServersSlide No: 2 Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved.
  • Data SecurityComplying With PCI! The Payment Card Industry Data Security Standard mandates that companies take appropriate steps to safeguard sensitive cardholder payment information.Slide No: 3
  • PCI DSS 2.0 Security Standards Overview 1 & 2 Build and Maintain a Secure Network 3 & 4 Protect Cardholder Data Maintain a Vulnerability 5 & 6 Management Program 7, 8 & 9 Implement Strong Access Payment Card Control Measures Industry Data Security Standard (PCI DSS) Regularly Monitor and 10 & 11 Test Networks 12 Maintain an Information Security PolicySlide No: 4 Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved.
  • PCI DSS 2.0 Mandates Tighter Controls i With the release of PCI 2.0 and the increased need to prove that a method exists to find all cardholder data stores and protect them appropriately, the encryption of data will become even more important “ to merchants. 2011 Payment Card Industry Report A study conducted By The Verizon PCI and RISK Intelligence Teams.Slide No: 5 Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved.
  • Many Companies Remain Non-Compliant Co 21 m % pl ia n t ! 79% Non-Compliant 2011 Payment Card Industry Report A study conducted By The Verizon PCI and RISK Intelligence Teams.Slide No: 6 Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved.
  • Vormetric Protects Cardholder Information Requirement 3 Requirement 7 Requirement 10 Protect stored Restrict access to Track and monitor all cardholder data cardholder data by access to network business need to know resources and cardholder dataSlide No: 7 Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved.
  • Requirement 3 Protect Stored Data Without the use of intensive coding or integration efforts, we protect stored data by encrypting information and controlling access to the resources on which the data resides – either an application or a system.Slide No: 8 Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved.
  • Requirement 7 Restrict Access to Cardholder Data According to Need to Know Vormetric Encryption combines encryption and key management with an access control-based decryption policy, enabling companies to comply with PCI DSS Requirement 7 in one transparent, system-agnostic solution.Slide No: 9 Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved.
  • Requirement 10 Track & Monitor All Access to Network Resources & Cardholder Data We enable organizations to comply with PCI DSS Requirement 10 through auditing and tracking capabilities, as well as the ability to protect both system-generated and Vormetric-generated audit logs.Slide No: 10 Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved.
  • What Customers Are Saying… Vormetric Data Security is quick and easy to “ i administer, while having negligible impact on performance. It’s the perfect solution for meeting PCI DSS requirements. Daryl Belfry, Director of IT, TAB Bank One of the tipping points for us was i Vormetric’s management console. It makes creating encryption profiles -- which contain unique guard points, security policies, and “ keys -- a snap. It’s one of the easiest products to implement I’ve ever used. Jim Fallon, Security Ops manager, Airlines Reporting CorporationSlide No: 11 Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved.
  • History of Supporting PCI Compliance 2006 2008 2012Slide No: 12 Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved.
  • Vormetric Encryption Architecture Users Application Policy is used to restrict access to sensitive data by Database user and process information provided Operating System by the Operating System. FS Agent SSL/TLS File Volume Systems ManagersSlide No: 13 Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved.
  • Data SecurityComplying With PCIDSS Encryption RulesDownload Whitepaper www.vormetric.com/pci82Slide No: 14
  • Proven PCI Compliance with Stronger Data Protection Prevent loss of sensitive data with highly secure server encryption and key management. www.vormetric.com/pci82www.Vormetric.com