6 ways reduce pci dss audit scope tokenizing cardholder data
Interested in learning more about security?SANS InstituteInfoSec Reading RoomThis paper is from the SANS Institute Reading Room site. Reposting is not permitted without express written permission. Six Ways to Reduce PCI DSS Audit Scope by Tokenizing Cardholder data Enterprises are seeking ways to simplify and reduce the scope of the Payment Card industry's data security standard (PCi dss) compliance by shrinking the footprint where cardholder data is located throughout their organization. By reducing the scope, these enterprises can dramatically lower the cost and anxiety of PCi dss compliance and significantly increase the chance of audit success. Compliance with the PCi dss is a combination of documented best practices and technology solutions that protect ca... Copyright SANS Institute Author Retains Full Rights AD
A NUBRIDGES WHITE PAPERSix Ways to Reduce PCI DSS Audit Scopeby Tokenizing Cardholder DataEnterprises are seeking ways to simplify and reduce the scope of the Payment Card Industry’sData Security Standard (PCI DSS) compliance by shrinking the footprint where cardholderdata is located throughout their organization. By reducing the scope, these enterprises candramatically lower the cost and anxiety of PCI DSS compliance and signi cantly increase thechance of audit success.Compliance with the PCI DSS is a combination of documented best practices and technologysolutions that protect cardholder data across the enterprise. This paper explores the use oftokenization as a best practice in improving the security of credit card transactions, while at thesame time minimizing the cost and complexity of PCI DSS compliance by reducing audit scope.
Last Updated: October 17th, 2012 Upcoming SANS Training Click Here for a full list of all Upcoming SANS Events by LocationSANS Chicago 2012 Chicago, ILUS Oct 27, 2012 - Nov 05, Live Event 2012SANS South Africa 2012 Johannesburg, ZA Oct 29, 2012 - Nov 06, Live Event 2012SANS Bangalore 2012 Bangalore, IN Oct 29, 2012 - Nov 03, Live Event 2012SANS Tokyo Autumn 2012 Tokyo, JP Nov 05, 2012 - Nov 10, Live Event 2012SANS Korea 2012 Seoul, KR Nov 05, 2012 - Nov 13, Live Event 2012FOR526 Beta Denver, COUS Nov 05, 2012 - Nov 09, Live Event 2012SANS San Diego 2012 San Diego, CAUS Nov 12, 2012 - Nov 17, Live Event 2012SANS Sydney 2012 Sydney, AU Nov 12, 2012 - Nov 20, Live Event 2012SANS London 2012 London, GB Nov 26, 2012 - Dec 03, Live Event 2012SANS San Antonio 2012 San Antonio, TXUS Nov 27, 2012 - Dec 02, Live Event 2012European SCADA and Process Control System Security Barcelona, ES Dec 05, 2012 - Dec 11, Live EventSummit 2012SANS2012 Cyber Defense Initiative 2012 Washington, DCUS Dec 07, 2012 - Dec 16, Live Event 2012SANS Egypt 2012 Cairo, EG Dec 08, 2012 - Dec 20, Live Event 2012Mobile Device Security Summit 2013 Anaheim, CAUS Jan 07, 2013 - Jan 14, Live Event 2013Virtualization and Cloud Computing Summit 2013 Anaheim, CAUS Jan 07, 2013 - Jan 14, Live Event 2013SEC528: SANS Training Program for the CompTIA New Washington, DCUS Jan 07, 2013 - Jan 11, Live EventAdvanced Security Practitioner Certification 2013SANS Security East 2013 New Orleans, LAUS Jan 16, 2013 - Jan 23, Live Event 2013SANS South Africa 2012 - Cape Town OnlineZA Oct 26, 2012 - Oct 27, Live Event 2012SANS OnDemand Books & MP3s OnlyUS Anytime Self Paced