SlideShare a Scribd company logo

PCI_Security_Awareness12345678904321.ppt

Download as PPT, PDF
G
gealehegn

awareness

Education
1 of 18
PCI-DSS Security Awareness What you need to know to protect our customers’ data
Developed by the five major card brands, to address potential areas of vulnerability and guide organizations in best practices to maintain the integrity of cardholder data. PCI DSS – What is it? Payment Card Industry, Data Security Standard
 Failure to comply could result in:  Significant fines from the card brands  Inability to accept credit cards for payment  Damage to Kent State University brand/reputation PCI DSS – What is it?
PCI Data Security Standard What does this mean for you?
Verify Card Elements & Security Features
When processing a credit card transaction…  Verify the following:  The card is signed.  The expiration date has not passed.  The signature on the receipt matches the card signature.  The receipt does not show the full 16-digit account number or card validation code.
PCI DSS Requirements Goals PCI DSS Requirements Build and Maintain a Secure Network and Systems 1. Install and maintain a firewall configuration to protect cardholder data. 2. Do not use vendor-supplied defaults for system passwords and other security parameters. Protect Cardholder Data 3. Protect stored cardholder data 4. Encrypt transmission of cardholder data across open, public networks Maintain a Vulnerability Management Program 5. Protect all systems against malware and regularly update anti- virus software or programs 6. Develop and maintain secure systems and applications Implement Strong Access Control Measures 7. Restrict access to cardholder data by business need to know 8. Identify and authenticate access to system components 9. Restrict physical access to cardholder data Regularly Monitor and Test Networks 10. Track and monitor all access to network resources and cardholder data. 11. Regularly test security systems and processes Maintain an Information Security Policy 12. Maintain a policy that addresses information security for all personnel.
Implementing Strong Access Control Measures which Include: Restricting physical access to cardholder data. Focus on:
1. Periodically inspect all credit card devices for tampering or substitution. 2. Never allow direct physical access to the credit card device, without supervisor approval. 3. Be aware of suspicious behavior. 4. Immediately report tampering or evidence of “skimming” or any breach to your supervisor. Restrict physical access to cardholder data
Periodically inspect all credit card devices for tampering or substitution. Your credit card terminal will have a sticker on the back that provides the serial number for the device. Regularly check for altering or tampering. If the numbers do not match, the terminal may have been replaced. Tampering / Substitution – What to look for
Periodically inspect all credit card devices for tampering or substitution. Be aware of all access points to the inside of the device. A skimming device has been added to the inside compartment of this device. Tampering / Substitution – What to look for
Periodically inspect all credit card devices for tampering or substitution. In the bottom picture, the cord has been replaced, this could allow capture of credit card data, if left unnoticed. Tampering / Substitution – What to look for
Periodically inspect all credit card devices for tampering or substitution. Tampering / Substitution – What to look for More information on skimming prevention may be found at: https://www.pcisecuritystandards.org/security_standards/docume nts.php Download: “Skimming Prevention Best Practices for Merchants”
Never allow direct physical access to the credit card device without supervisor approval. Never allow access to credit card terminals without supervisor approval. Always verify with your supervisor the identity of any third-party claiming to be repair or service personnel.
Be aware of suspicious behavior. Be aware of suspicious behavior around devices (for example, attempts by unknown persons to unplug or open devices).
Immediately report tampering or evidence of skimming or any breach to your supervisor. If you become aware of evidence of tampering, replacement, or any other breach of credit card data, contact your supervisor immediately.
 PCI DSS: https://www.pcisecuritystandards.org/  KSU Policy: http://www2.kent.edu/policyreg/policydetails.cfm?customel_datapageid_19 76529=3861241  American Express: www.americanexpress.com/datasecurity  Discover: www.discovernetwork.com/fraudsecurity/disc.html  JCB International: http://partner.jcbcard.com/security/jcbprogram  MasterCard: www.mastercard.com/sdp  Visa Inc: www.visa.com/cisp PCI DSS – helpful links
Staff Name (Print) Signature Email Date Supervisor Name Signature Email Date PCI DSS Security Awareness Training has been reviewed with the following staff.

Recommended

Chameleon PCI Presentation
Chameleon PCI PresentationChameleon PCI Presentation
Chameleon PCI Presentationchristoboshoff
 
PCI Compliance Seminar
PCI Compliance SeminarPCI Compliance Seminar
PCI Compliance Seminardlinehan2
 
How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...Security B-Sides
 
PCI DSS Training compliance training for companies
PCI DSS Training compliance training for companiesPCI DSS Training compliance training for companies
PCI DSS Training compliance training for companiesgealehegn
 
Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Risk Crew
 
PCI Compliance (for developers)
PCI Compliance (for developers)PCI Compliance (for developers)
PCI Compliance (for developers)Maksim Djackov
 
PCI What? The Basics of PCI Compliance Issues for Small Businesses
PCI What? The Basics of PCI Compliance Issues for Small BusinessesPCI What? The Basics of PCI Compliance Issues for Small Businesses
PCI What? The Basics of PCI Compliance Issues for Small BusinessesD. Michael Allen
 
PCI DSS for Penetration Testing
PCI DSS for Penetration TestingPCI DSS for Penetration Testing
PCI DSS for Penetration TestingNetwork Intelligence India
 

Recommended

Chameleon PCI Presentation
Chameleon PCI PresentationChameleon PCI Presentation
Chameleon PCI Presentationchristoboshoff
 
PCI Compliance Seminar
PCI Compliance SeminarPCI Compliance Seminar
PCI Compliance Seminardlinehan2
 
How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...Security B-Sides
 
PCI DSS Training compliance training for companies
PCI DSS Training compliance training for companiesPCI DSS Training compliance training for companies
PCI DSS Training compliance training for companiesgealehegn
 
Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Risk Crew
 
PCI Compliance (for developers)
PCI Compliance (for developers)PCI Compliance (for developers)
PCI Compliance (for developers)Maksim Djackov
 
PCI What? The Basics of PCI Compliance Issues for Small Businesses
PCI What? The Basics of PCI Compliance Issues for Small BusinessesPCI What? The Basics of PCI Compliance Issues for Small Businesses
PCI What? The Basics of PCI Compliance Issues for Small BusinessesD. Michael Allen
 
PCI DSS for Penetration Testing
PCI DSS for Penetration TestingPCI DSS for Penetration Testing
PCI DSS for Penetration TestingNetwork Intelligence India
 
Pci compliance overview earth link business
Pci compliance overview earth link businessPci compliance overview earth link business
Pci compliance overview earth link businessMike Shelah
 
1. PCI Compliance Overview
1. PCI Compliance Overview1. PCI Compliance Overview
1. PCI Compliance Overviewokrantz
 
PCI Certification and remediation services
PCI Certification and remediation servicesPCI Certification and remediation services
PCI Certification and remediation servicesTariq Juneja
 
Credit Card Fraud PPT - Reena Prajapati.pptx
Credit Card Fraud PPT - Reena Prajapati.pptxCredit Card Fraud PPT - Reena Prajapati.pptx
Credit Card Fraud PPT - Reena Prajapati.pptxBoston Institute of Analytics
 
PCI DSS for Pentesting
PCI DSS for PentestingPCI DSS for Pentesting
PCI DSS for Pentestingn|u - The Open Security Community
 
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pdf
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pdf10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pdf
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pdfMerchantech - Payment Processing Services
 
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pptx
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pptx10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pptx
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pptxdarrengracia
 
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docx
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docxAssignment 1Assignment 1 Bottling Company Case StudyDue Week.docx
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docxtrippettjettie
 
Online_Transactions_PCI
Online_Transactions_PCIOnline_Transactions_PCI
Online_Transactions_PCIKelly Lam
 
PCI Compliance Overview
PCI Compliance OverviewPCI Compliance Overview
PCI Compliance OverviewLawPay
 
Pci dss-for-it-providers
Pci dss-for-it-providersPci dss-for-it-providers
Pci dss-for-it-providersCalyptix Security
 
The Target Breach – Follow The Money
The Target Breach – Follow The MoneyThe Target Breach – Follow The Money
The Target Breach – Follow The MoneyResilient Systems
 
PCI,Smart Card,ATM and E-commerce
PCI,Smart Card,ATM and E-commercePCI,Smart Card,ATM and E-commerce
PCI,Smart Card,ATM and E-commerceAmira Serag
 
Cybersecurity Workshop
Cybersecurity Workshop Cybersecurity Workshop
Cybersecurity Workshop Kaufman & Canoles
 
CULCT Cybersecurity Workshop 2.10.15
CULCT Cybersecurity Workshop 2.10.15CULCT Cybersecurity Workshop 2.10.15
CULCT Cybersecurity Workshop 2.10.15E Andrew Keeney
 
Identity Theft Information for Businesses
Identity Theft Information for BusinessesIdentity Theft Information for Businesses
Identity Theft Information for BusinessesTri-State Better Business Bureau
 
CNS599NLEN_RiskAssessment
CNS599NLEN_RiskAssessmentCNS599NLEN_RiskAssessment
CNS599NLEN_RiskAssessmentTaishaun Owens
 
Payment Card Cashiering for Local Governments 2016
Payment Card Cashiering for Local Governments 2016Payment Card Cashiering for Local Governments 2016
Payment Card Cashiering for Local Governments 2016Donald E. Hester
 
Educause+PCI+briefing+4-19-20162345.pptx
Educause+PCI+briefing+4-19-20162345.pptxEducause+PCI+briefing+4-19-20162345.pptx
Educause+PCI+briefing+4-19-20162345.pptxgealehegn
 
Heartland
HeartlandHeartland
Heartlandgrimesjo
 
MIC_3e_Ch3Add more information to your upload.ppt
MIC_3e_Ch3Add more information to your upload.pptMIC_3e_Ch3Add more information to your upload.ppt
MIC_3e_Ch3Add more information to your upload.pptgealehegn
 
How to Create an Effective PowerPoint.ppt
How to Create an Effective PowerPoint.pptHow to Create an Effective PowerPoint.ppt
How to Create an Effective PowerPoint.pptgealehegn
 

More Related Content

Similar to PCI_Security_Awareness12345678904321.ppt

Pci compliance overview earth link business
Pci compliance overview earth link businessPci compliance overview earth link business
Pci compliance overview earth link businessMike Shelah
 
1. PCI Compliance Overview
1. PCI Compliance Overview1. PCI Compliance Overview
1. PCI Compliance Overviewokrantz
 
PCI Certification and remediation services
PCI Certification and remediation servicesPCI Certification and remediation services
PCI Certification and remediation servicesTariq Juneja
 
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pdf
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pdf10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pdf
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pdfMerchantech - Payment Processing Services
 
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pptx
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pptx10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pptx
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pptxdarrengracia
 
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docx
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docxAssignment 1Assignment 1 Bottling Company Case StudyDue Week.docx
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docxtrippettjettie
 
Online_Transactions_PCI
Online_Transactions_PCIOnline_Transactions_PCI
Online_Transactions_PCIKelly Lam
 
PCI Compliance Overview
PCI Compliance OverviewPCI Compliance Overview
PCI Compliance OverviewLawPay
 
The Target Breach – Follow The Money
The Target Breach – Follow The MoneyThe Target Breach – Follow The Money
The Target Breach – Follow The MoneyResilient Systems
 
PCI,Smart Card,ATM and E-commerce
PCI,Smart Card,ATM and E-commercePCI,Smart Card,ATM and E-commerce
PCI,Smart Card,ATM and E-commerceAmira Serag
 
CULCT Cybersecurity Workshop 2.10.15
CULCT Cybersecurity Workshop 2.10.15CULCT Cybersecurity Workshop 2.10.15
CULCT Cybersecurity Workshop 2.10.15E Andrew Keeney
 
CNS599NLEN_RiskAssessment
CNS599NLEN_RiskAssessmentCNS599NLEN_RiskAssessment
CNS599NLEN_RiskAssessmentTaishaun Owens
 
Payment Card Cashiering for Local Governments 2016
Payment Card Cashiering for Local Governments 2016Payment Card Cashiering for Local Governments 2016
Payment Card Cashiering for Local Governments 2016Donald E. Hester
 
Educause+PCI+briefing+4-19-20162345.pptx
Educause+PCI+briefing+4-19-20162345.pptxEducause+PCI+briefing+4-19-20162345.pptx
Educause+PCI+briefing+4-19-20162345.pptxgealehegn
 

Similar to PCI_Security_Awareness12345678904321.ppt (20)

Pci compliance overview earth link business
Pci compliance overview earth link businessPci compliance overview earth link business
Pci compliance overview earth link business
 
1. PCI Compliance Overview
1. PCI Compliance Overview1. PCI Compliance Overview
1. PCI Compliance Overview
 
PCI Certification and remediation services
PCI Certification and remediation servicesPCI Certification and remediation services
PCI Certification and remediation services
 
Credit Card Fraud PPT - Reena Prajapati.pptx
Credit Card Fraud PPT - Reena Prajapati.pptxCredit Card Fraud PPT - Reena Prajapati.pptx
Credit Card Fraud PPT - Reena Prajapati.pptx
 
PCI DSS for Pentesting
PCI DSS for PentestingPCI DSS for Pentesting
PCI DSS for Pentesting
 
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pdf
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pdf10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pdf
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pdf
 
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pptx
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pptx10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pptx
10 Essential Strategies to Safeguard Your Business from Credit Card Fraud 1.pptx
 
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docx
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docxAssignment 1Assignment 1 Bottling Company Case StudyDue Week.docx
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docx
 
Online_Transactions_PCI
Online_Transactions_PCIOnline_Transactions_PCI
Online_Transactions_PCI
 
PCI Compliance Overview
PCI Compliance OverviewPCI Compliance Overview
PCI Compliance Overview
 
Pci dss-for-it-providers
Pci dss-for-it-providersPci dss-for-it-providers
Pci dss-for-it-providers
 
The Target Breach – Follow The Money
The Target Breach – Follow The MoneyThe Target Breach – Follow The Money
The Target Breach – Follow The Money
 
PCI,Smart Card,ATM and E-commerce
PCI,Smart Card,ATM and E-commercePCI,Smart Card,ATM and E-commerce
PCI,Smart Card,ATM and E-commerce
 
Cybersecurity Workshop
Cybersecurity Workshop Cybersecurity Workshop
Cybersecurity Workshop
 
CULCT Cybersecurity Workshop 2.10.15
CULCT Cybersecurity Workshop 2.10.15CULCT Cybersecurity Workshop 2.10.15
CULCT Cybersecurity Workshop 2.10.15
 
Identity Theft Information for Businesses
Identity Theft Information for BusinessesIdentity Theft Information for Businesses
Identity Theft Information for Businesses
 
CNS599NLEN_RiskAssessment
CNS599NLEN_RiskAssessmentCNS599NLEN_RiskAssessment
CNS599NLEN_RiskAssessment
 
Payment Card Cashiering for Local Governments 2016
Payment Card Cashiering for Local Governments 2016Payment Card Cashiering for Local Governments 2016
Payment Card Cashiering for Local Governments 2016
 
Educause+PCI+briefing+4-19-20162345.pptx
Educause+PCI+briefing+4-19-20162345.pptxEducause+PCI+briefing+4-19-20162345.pptx
Educause+PCI+briefing+4-19-20162345.pptx
 
Heartland
HeartlandHeartland
Heartland
 

More from gealehegn

MIC_3e_Ch3Add more information to your upload.ppt
MIC_3e_Ch3Add more information to your upload.pptMIC_3e_Ch3Add more information to your upload.ppt
MIC_3e_Ch3Add more information to your upload.pptgealehegn
 
How to Create an Effective PowerPoint.ppt
How to Create an Effective PowerPoint.pptHow to Create an Effective PowerPoint.ppt
How to Create an Effective PowerPoint.pptgealehegn
 
hel29999999999999999999999999999999999999999999.ppt
hel29999999999999999999999999999999999999999999.ppthel29999999999999999999999999999999999999999999.ppt
hel29999999999999999999999999999999999999999999.pptgealehegn
 
csce201 - software - sec Basic Security.ppt
csce201 - software - sec Basic Security.pptcsce201 - software - sec Basic Security.ppt
csce201 - software - sec Basic Security.pptgealehegn
 
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.pptgealehegn
 
ch03Threat Modeling - Locking the Door to Vulnerabilities.ppt
ch03Threat Modeling - Locking the Door to Vulnerabilities.pptch03Threat Modeling - Locking the Door to Vulnerabilities.ppt
ch03Threat Modeling - Locking the Door to Vulnerabilities.pptgealehegn
 
Taiwan_2wehuikl;lkjjk;ivfazzfffggggh.ppt
Taiwan_2wehuikl;lkjjk;ivfazzfffggggh.pptTaiwan_2wehuikl;lkjjk;ivfazzfffggggh.ppt
Taiwan_2wehuikl;lkjjk;ivfazzfffggggh.pptgealehegn
 
pci-comp pci requirements and controls.ppt
pci-comp pci requirements and controls.pptpci-comp pci requirements and controls.ppt
pci-comp pci requirements and controls.pptgealehegn
 
SecurityDevelopmentLifecycle 202512.pptx
SecurityDevelopmentLifecycle 202512.pptxSecurityDevelopmentLifecycle 202512.pptx
SecurityDevelopmentLifecycle 202512.pptxgealehegn
 

More from gealehegn (9)

MIC_3e_Ch3Add more information to your upload.ppt
MIC_3e_Ch3Add more information to your upload.pptMIC_3e_Ch3Add more information to your upload.ppt
MIC_3e_Ch3Add more information to your upload.ppt
 
How to Create an Effective PowerPoint.ppt
How to Create an Effective PowerPoint.pptHow to Create an Effective PowerPoint.ppt
How to Create an Effective PowerPoint.ppt
 
hel29999999999999999999999999999999999999999999.ppt
hel29999999999999999999999999999999999999999999.ppthel29999999999999999999999999999999999999999999.ppt
hel29999999999999999999999999999999999999999999.ppt
 
csce201 - software - sec Basic Security.ppt
csce201 - software - sec Basic Security.pptcsce201 - software - sec Basic Security.ppt
csce201 - software - sec Basic Security.ppt
 
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
 
ch03Threat Modeling - Locking the Door to Vulnerabilities.ppt
ch03Threat Modeling - Locking the Door to Vulnerabilities.pptch03Threat Modeling - Locking the Door to Vulnerabilities.ppt
ch03Threat Modeling - Locking the Door to Vulnerabilities.ppt
 
Taiwan_2wehuikl;lkjjk;ivfazzfffggggh.ppt
Taiwan_2wehuikl;lkjjk;ivfazzfffggggh.pptTaiwan_2wehuikl;lkjjk;ivfazzfffggggh.ppt
Taiwan_2wehuikl;lkjjk;ivfazzfffggggh.ppt
 
pci-comp pci requirements and controls.ppt
pci-comp pci requirements and controls.pptpci-comp pci requirements and controls.ppt
pci-comp pci requirements and controls.ppt
 
SecurityDevelopmentLifecycle 202512.pptx
SecurityDevelopmentLifecycle 202512.pptxSecurityDevelopmentLifecycle 202512.pptx
SecurityDevelopmentLifecycle 202512.pptx
 

Recently uploaded

Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and ModificationsMJDuyan
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17Celine George
 
Economic Importance Of Fungi In Food Additives
Economic Importance Of Fungi In Food AdditivesEconomic Importance Of Fungi In Food Additives
Economic Importance Of Fungi In Food AdditivesSHIVANANDaRV
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxJisc
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfDr Vijay Vishwakarma
 
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdfFICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdfPondicherry University
 
Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111GangaMaiya1
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Pooja Bhuva
 
How to Manage Call for Tendor in Odoo 17
How to Manage Call for Tendor in Odoo 17How to Manage Call for Tendor in Odoo 17
How to Manage Call for Tendor in Odoo 17Celine George
 
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSSpellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSAnaAcapella
 
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lessonQUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lessonhttgc7rh9c
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxRamakrishna Reddy Bijjam
 
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdf
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdfUGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdf
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdfNirmal Dwivedi
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - Englishneillewis46
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxCeline George
 
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...EADTU
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17Celine George
 

Recently uploaded (20)

Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17
 
Economic Importance Of Fungi In Food Additives
Economic Importance Of Fungi In Food AdditivesEconomic Importance Of Fungi In Food Additives
Economic Importance Of Fungi In Food Additives
 
Our Environment Class 10 Science Notes pdf
Our Environment Class 10 Science Notes pdfOur Environment Class 10 Science Notes pdf
Our Environment Class 10 Science Notes pdf
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdfFICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
 
Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
How to Manage Call for Tendor in Odoo 17
How to Manage Call for Tendor in Odoo 17How to Manage Call for Tendor in Odoo 17
How to Manage Call for Tendor in Odoo 17
 
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSSpellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
 
VAMOS CUIDAR DO NOSSO PLANETA! .
VAMOS CUIDAR DO NOSSO PLANETA! .VAMOS CUIDAR DO NOSSO PLANETA! .
VAMOS CUIDAR DO NOSSO PLANETA! .
 
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lessonQUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdf
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdfUGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdf
UGC NET Paper 1 Unit 7 DATA INTERPRETATION.pdf
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 

PCI_Security_Awareness12345678904321.ppt

  • 1. PCI-DSS Security Awareness What you need to know to protect our customers’ data
  • 2. Developed by the five major card brands, to address potential areas of vulnerability and guide organizations in best practices to maintain the integrity of cardholder data. PCI DSS – What is it? Payment Card Industry, Data Security Standard
  • 3.  Failure to comply could result in:  Significant fines from the card brands  Inability to accept credit cards for payment  Damage to Kent State University brand/reputation PCI DSS – What is it?
  • 4. PCI Data Security Standard What does this mean for you?
  • 5. Verify Card Elements & Security Features
  • 6. When processing a credit card transaction…  Verify the following:  The card is signed.  The expiration date has not passed.  The signature on the receipt matches the card signature.  The receipt does not show the full 16-digit account number or card validation code.
  • 7. PCI DSS Requirements Goals PCI DSS Requirements Build and Maintain a Secure Network and Systems 1. Install and maintain a firewall configuration to protect cardholder data. 2. Do not use vendor-supplied defaults for system passwords and other security parameters. Protect Cardholder Data 3. Protect stored cardholder data 4. Encrypt transmission of cardholder data across open, public networks Maintain a Vulnerability Management Program 5. Protect all systems against malware and regularly update anti- virus software or programs 6. Develop and maintain secure systems and applications Implement Strong Access Control Measures 7. Restrict access to cardholder data by business need to know 8. Identify and authenticate access to system components 9. Restrict physical access to cardholder data Regularly Monitor and Test Networks 10. Track and monitor all access to network resources and cardholder data. 11. Regularly test security systems and processes Maintain an Information Security Policy 12. Maintain a policy that addresses information security for all personnel.
  • 8. Implementing Strong Access Control Measures which Include: Restricting physical access to cardholder data. Focus on:
  • 9. 1. Periodically inspect all credit card devices for tampering or substitution. 2. Never allow direct physical access to the credit card device, without supervisor approval. 3. Be aware of suspicious behavior. 4. Immediately report tampering or evidence of “skimming” or any breach to your supervisor. Restrict physical access to cardholder data
  • 10. Periodically inspect all credit card devices for tampering or substitution. Your credit card terminal will have a sticker on the back that provides the serial number for the device. Regularly check for altering or tampering. If the numbers do not match, the terminal may have been replaced. Tampering / Substitution – What to look for
  • 11. Periodically inspect all credit card devices for tampering or substitution. Be aware of all access points to the inside of the device. A skimming device has been added to the inside compartment of this device. Tampering / Substitution – What to look for
  • 12. Periodically inspect all credit card devices for tampering or substitution. In the bottom picture, the cord has been replaced, this could allow capture of credit card data, if left unnoticed. Tampering / Substitution – What to look for
  • 13. Periodically inspect all credit card devices for tampering or substitution. Tampering / Substitution – What to look for More information on skimming prevention may be found at: https://www.pcisecuritystandards.org/security_standards/docume nts.php Download: “Skimming Prevention Best Practices for Merchants”
  • 14. Never allow direct physical access to the credit card device without supervisor approval. Never allow access to credit card terminals without supervisor approval. Always verify with your supervisor the identity of any third-party claiming to be repair or service personnel.
  • 15. Be aware of suspicious behavior. Be aware of suspicious behavior around devices (for example, attempts by unknown persons to unplug or open devices).
  • 16. Immediately report tampering or evidence of skimming or any breach to your supervisor. If you become aware of evidence of tampering, replacement, or any other breach of credit card data, contact your supervisor immediately.
  • 17.  PCI DSS: https://www.pcisecuritystandards.org/  KSU Policy: http://www2.kent.edu/policyreg/policydetails.cfm?customel_datapageid_19 76529=3861241  American Express: www.americanexpress.com/datasecurity  Discover: www.discovernetwork.com/fraudsecurity/disc.html  JCB International: http://partner.jcbcard.com/security/jcbprogram  MasterCard: www.mastercard.com/sdp  Visa Inc: www.visa.com/cisp PCI DSS – helpful links
  • 18. Staff Name (Print) Signature Email Date Supervisor Name Signature Email Date PCI DSS Security Awareness Training has been reviewed with the following staff.