If your company transfers, transmits or processes credit card data, you fall under the Payment Card Industry Data Security Standard (PCI DSS). However, although the PCI DSS was developed to protect credit card data, it is fast becoming a security standard for all sensitive company data such as patient records, financial data, or social security numbers. Companies need to look at their security processes, policies, and procedures: not only how they protect data in transit and at rest, but also how they maintain security and/or compliance.
This whitepaper describes the 12 requirements and the 130+ sub-requirements that make up the standard. It also shows how GlobalSCAPE's High Security-PCI solution can help put in place high security best practices for data transfer, access, and storage for ANY sensitive data, credit card related or not, while providing continuing compliance with the PCI DSS for those that need it.
A monitoring system to capture what is in compliance, what has failed, and warnings for what needs attention.
Protection of data in transit by enforcement of secure protocols, strong ciphers, and encryption keys.
Restriction of access to data with strong access controls, e.g. password management to force password changes, enforce strong passwords, set password expirations, and audit all password activity.
Set-up wizards to automatically configure server settings to meet the requirements.