5 Myths About PCI DSS Compliance Programs

Top Patch delivers information security products to reduce risk, increase data security and ensure compliance. TopPatch's Remediation Vault™ is the industry’s first peer-to-peer patch distribution product. Even with existing patch management solutions, Remediation Vault ensures completeness, coverage and speed so that vulnerabilities are patched before hackers can exploit them. With Remediation Vault, the software installed on Unix, Linux, BSD, OSX and Windows operating systems is kept up to date with the newest security patches.

TopPatch services include HIPAA/HITECH compliance management, PCI compliance management, intrusion detection/prevention systems, forensics, end-to-end data privacy compliance management, vulnerability assessment and management, log monitoring and management, FFIEC, GLBA, NCUA, NERC, and SOX compliance.

Published in: Business
  • Transcript of "5 Myths About PCI DSS Compliance Programs"

    1. 5 MYTHS ABOUT PCI DSS COMPLIANCE PROGRAMS
    2. Top Patch delivers information security products that reduce risk, increase data security and ensure compliance.
       • Remediation Vault™: first peer-to-peer patch distribution product.
       • Vulnerabilities patched before hackers can exploit them.
       • Unix, Linux, BSD, OSX and Windows OS protected with newest security patches.
       www.toppatch.com • Email: alex@toppatch.com • Twitter: @toppatch
       ©TopPatch • All Rights Reserved • 349 Fifth Avenue, New York NY 10016, (646)
    3. 5 Myths About PCI DSS Compliance Programs
       PCI DSS Compliance Programs: Store, transmit, process credit card information securely
       • Payment brands and acquirers are responsible for enforcing compliance.
       • There are 12 requirements involving business processes and technologies to secure consumer information.
    4. Myth #1: “Single product and vendor are sufficient”
       • No single vendor can address the 12 PCI DSS requirements.
       • Beware of single product/single vendor approaches.
       • Implement a holistic strategy; focus on the bigger picture.
    5. Myth #2: “We are a small merchant, we are exempt”
       • PCI applies to all merchants and organizations accepting cardholder data.
       • Even if you process a handful of transactions.
    6. Myth #3: “We are compliant because we outsource credit card processing”
       • Outsourcing simplifies payment card processing.
       • It does not result in automatic compliance.
       • Make sure the provider’s terminals and applications comply with PCI standards and don’t store sensitive cardholder data.
       • Request a certificate of compliance.
    7. Myth #4: “PCI will make us completely secure”
       • PCI does not translate into permanent security.
       • Security exploits continue.
    8. Myth #5: “We need to hire a Qualified Security Assessor (“QSA”) in order to meet PCI requirements”
       • PCI does not mandate hiring a QSA.
       • Hiring a QSA provides an officer sign-off if the acquirer or merchant bank agrees.
       • Smaller businesses may assess their business using the Self-Assessment Questionnaire found on the PCI web site.
       • PCI DSS compliance requires merchants to have a quarterly vulnerability scan by a PCI SSC Approved Scanning Vendor (ASV).
    9. Top Patch delivers information security products that reduce risk, increase data security and ensure compliance. Request a free trial of the Remediation Vault for Best-In-Class Patch Management.
       Alex • Email: alex@toppatch.com • (646) 664-4265 • 349 Fifth Avenue, New York, NY 10016 • www.toppatch.com • Twitter: @toppatch