PCI Data Security Overview Presentation for Merchants

Presentation on PCI compliance for the Credit & Financial Development Division of
The National Association of Credit Management Kansas City Chapter. Prineta is a frequent guest speaker at industry events.

  • In March 2011, a Massachusetts restaurant chain was the first company fined under the state's toughest-in-the-nation data breach law and will have to pay $110,000 in penalties, according to a statement by the Massachusetts Attorney General. http://threatpost.com/en_us/blogs/restaurant-chain-first-fined-under-massachusetts-data-breach-law-032911
  • http://www.ponemon.org/news-2/23
  • The Payment Card Industry Security Standards Council (PCI SSC) was launched on September 7, 2006 to manage the ongoing evolution of the Payment Card Industry (PCI) security standards, with a focus on improving payment account security throughout the transaction process. The PCI DSS is administered and managed by the PCI SSC (www.pcisecuritystandards.org), an independent body that was created by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB). It is important to note that the payment brands and acquirers are responsible for enforcing compliance, not the PCI council.
  • https://www.pcisecuritystandards.org/documents/PCI%20SSC%20Quick%20Reference%20Guide.pdf
  • https://www.pcisecuritystandards.org/documents/PCI%20Data%20Storage%20Dos%20and%20Donts.pdf
  • On July 9, 2009, Missouri Governor Jay Nixon signed House Bill 62 ("HB 62"), making the Show-Me State the 45th state with an information security breach notification law on the books.

    1. Now You Have a Friend in the Bankcard Business. PCI Compliance. Credit & Financial Development Division of The National Association of Credit Management, Kansas City Chapter. © PRINETA, LLC. This information is the property of PRINETA, LLC and/or its affiliates and may contain restricted, confidential or privileged materials intended for the sole use of the intended recipient. Any review, use, distribution or disclosure is prohibited without authorization.
    2. So I guess you’ve heard about the risk? In March 2011, a Massachusetts restaurant chain was the first company fined under the state's toughest-in-the-nation data breach law and will have to pay $110,000 in penalties. © Prineta LLC. This information is the property of Prineta Payment Consulting and/or its affiliates and may contain restricted, confidential or privileged materials intended for the sole use of the intended recipient. Any review, use, distribution or disclosure is prohibited without authorization.
    3. Is your company adequately protected? 85% of breaches happen to small companies.
    4. What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Robust and comprehensive standards and supporting materials to enhance payment card data security. An actionable framework of specifications, tools, measurements and support resources to help organizations ensure the safe handling of cardholder information at every step, including prevention, detection and appropriate reaction to security incidents.
    5. PCI Data Security Standards Rock
    6. Overview of PCI DSS Requirements. Guidance for Understanding PCI Security Requirements.
    7. PCI DSS Data Storage Do’s and Don’ts
    8. Learn More About PCI. PCI Compliant Merchants Less Likely to be Victims. States Enact Data Security Breach Legislation. Non-Compliance Fines Range from $5,000 to $500,
    9. Contact Prineta. G. Jason Schnellbacher, Security & PCI Compliance Expert. Schnell[at]Prineta.com
