Information Security Program & PCI Compliance Planning for your Business

Information Security Program & PCI Compliance Planning for your Business
Skeletal Elements of your Organization’s IT Systems Deter, Detect and Defend Against Data Breaches Information Security Program & Payment Card Industry Data Security (PCI DSS) Compliance for Your Business
77 Million Users 10 Million Credit Card Compromised Accounts Losses ??? Millions of Names and Email Addresses of over 2,500 Major Companies Consequences??
94 Million Compromised Accounts 83 Million Dollars in Losses 4 Million Compromised Accounts 100’s of Compromised Accounts 50,000+ Credit Card Transactions Processed Yearly 20,000+ Credit Cards Numbers
Essentials Elements of a Successful Information Technology Security Program
Payment Card Industry Data Security (PCI DSS) Compliance for Your Business
We all can help to Deter, Detect and Defend against ID Theft with these 5 easy steps: Take Stock – Know Where the Info Is Scale Down – Keep Only What is Needed Lock It – Protect the Info We Do Keep Pitch It – Properly Dispose of What We Don’t Plan Ahead – Create a Plan to Response to a Breach
The Road to PCI DSS Compliance is dependent on the Merchant Level & Self Assessment Questionnaire (SAQ) Validation Types
Self Assessment Questionnaire (SAQ) Validation Types
Maintain Information Security Policy Requirement 12 SAQ A,B,C,D Regularly Test Security Systems/Processes Requirement 11 SAQ C,D Track & Monitor Access to Network Resources & CHD Requirement 10 SAQ C,D Restrict Physical Access to CHD Requirement 9 SAQ A,B,C,D Assign Unique ID for each person w/ computer access to CHD Requirement 8 SAQ C,D Restrict CHD Access to Business Need-to-Know Requirement 7 SAQ B,C,D Develop & Maintain Secure Systems/Applications Requirement 6 SAQ C,D Use & Regularly Update Anti-Virus Software Requirement 5 SAQ C,D Encrypt Transmission of CHD across Public Networks Requirement 4 SAQ B,C,D Protect Stored CHD Requirement 3 SAQ B,C,D Change All Defaults Passwords & Security Parameters Requirement 2 SAQ C,D Install & Maintain Firewall Configuration to protect CHD Requirement 1 SAQ C,D Security Requirements for PCI DSS Compliance
Prioritized Approach to Pursue PCI DSS Compliance Tool https://www.pcisecuritystandards.org/documents/Prioritized_Approach_PCI_DSS_version1_2.xls
PCI Compliance in its simplest form is; if you don’t need the cardholder data - then don’t store it, if you store it, you must protect it.
Questions??

Check these out next

Information Security Program & PCI Compliance Planning for your Business

Recommended

More Related Content

Slideshows for you(19)

Viewers also liked(9)

Similar to Information Security Program & PCI Compliance Planning for your Business(20)

Recently uploaded(20)