Vormetric Data Security: Complying with PCI DSS Encryption Rules

Download the whitepaper 'Vormetric Data Security: Complying with PCI DSS Encryption Rules' from http://www.vormetric.com/pci82

This whitepaper outlines how Vormetric addresses PCI DSS compliance; it addresses Vormetric's position relative to the Payment Card Industry Security Standards Council's (PCI SSC) guidance on point-to-point encryption solutions. The whitepaper also features case studies of PCI DSS regulated companies leveraging Vormetric for PCI DSS compliance and maps PCI DSS requirements to Vormetric Data Security capabilities.

Vormetric Data Security helps organizations meet PCI DSS compliance demands with a transparent data security approach for diverse IT environments that requires minimal administrative support and helps companies to meet diverse data protection needs through an easy to manage solution.
For more information, join: http://www.facebook.com/VormetricInc
Follow: https://twitter.com/Vormetric
Stay tuned to: http://www.youtube.com/user/VormetricInc

  1. Proven PCI Compliance with Stronger Data Protection. Prevent loss of sensitive data with highly secure server encryption and key management. www.Vormetric.com
  2. Data is Everywhere. [Diagram] Public Cloud (AWS, RackSpace, Smart Cloud, Savvis, Terremark); Virtual & Private Cloud (VMware, Citrix, Hyper-V); Unstructured Data: File Systems (Office documents, PDF, Vision, Audio…); Remote Locations & Systems; Business Application Systems (SAP, PeopleSoft, Oracle Financials, In-house, CRM, eComm/eBiz, etc.); Security & Other Systems (Event logs, Error logs, Cache, Encryption keys, & other secrets); Application Server; Security Systems; Storage & Backup Systems (SAN/NAS, Backup Systems); Data Communications (VoIP Systems, FTP/Dropbox Server, Email Servers); Structured Database Systems (SQL, Oracle, DB2, Informix, MySQL); Database Server. Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved.
  3. Data Security: Complying With PCI. The Payment Card Industry Data Security Standard mandates that companies take appropriate steps to safeguard sensitive cardholder payment information.
  4. PCI DSS 2.0 Security Standards Overview. Payment Card Industry Data Security Standard (PCI DSS): Requirements 1 & 2, Build and Maintain a Secure Network; Requirements 3 & 4, Protect Cardholder Data; Requirements 5 & 6, Maintain a Vulnerability Management Program; Requirements 7, 8 & 9, Implement Strong Access Control Measures; Requirements 10 & 11, Regularly Monitor and Test Networks; Requirement 12, Maintain an Information Security Policy.
  5. PCI DSS 2.0 Mandates Tighter Controls. "With the release of PCI 2.0 and the increased need to prove that a method exists to find all cardholder data stores and protect them appropriately, the encryption of data will become even more important to merchants." Source: 2011 Payment Card Industry Report, a study conducted by the Verizon PCI and RISK Intelligence Teams.
  6. Many Companies Remain Non-Compliant. 21% Compliant; 79% Non-Compliant. Source: 2011 Payment Card Industry Report, a study conducted by the Verizon PCI and RISK Intelligence Teams.
  7. Vormetric Protects Cardholder Information. Requirement 3: Protect stored cardholder data. Requirement 7: Restrict access to cardholder data by business need to know. Requirement 10: Track and monitor all access to network resources and cardholder data.
  8. Requirement 3: Protect Stored Data. Without the use of intensive coding or integration efforts, we protect stored data by encrypting information and controlling access to the resources on which the data resides – either an application or a system.
  9. Requirement 7: Restrict Access to Cardholder Data According to Need to Know. Vormetric Encryption combines encryption and key management with an access control-based decryption policy, enabling companies to comply with PCI DSS Requirement 7 in one transparent, system-agnostic solution.
  10. Requirement 10: Track & Monitor All Access to Network Resources & Cardholder Data. We enable organizations to comply with PCI DSS Requirement 10 through auditing and tracking capabilities, as well as the ability to protect both system-generated and Vormetric-generated audit logs.
  11. What Customers Are Saying… "Vormetric Data Security is quick and easy to administer, while having negligible impact on performance. It’s the perfect solution for meeting PCI DSS requirements." Daryl Belfry, Director of IT, TAB Bank. "One of the tipping points for us was Vormetric’s management console. It makes creating encryption profiles -- which contain unique guard points, security policies, and keys -- a snap. It’s one of the easiest products to implement I’ve ever used." Jim Fallon, Security Ops manager, Airlines Reporting Corporation.
  12. History of Supporting PCI Compliance. [Timeline: 2006, 2008, 2012]
  13. Vormetric Encryption Architecture. [Diagram layers: Users, Application, Database, Operating System, FS Agent, File Systems, Volume Managers; SSL/TLS] Policy is used to restrict access to sensitive data by user and process information provided by the Operating System.
  14. Data Security: Complying With PCI DSS Encryption Rules. Download Whitepaper: www.vormetric.com/pci82
  15. Proven PCI Compliance with Stronger Data Protection. Prevent loss of sensitive data with highly secure server encryption and key management. www.vormetric.com/pci82 www.Vormetric.com
