Feb 19 -- Secure Computing Corp., an enterprise gateway security provider, unveiled last week the company's new Payment Card Industry (PCI) Initiative, a program aimed at providing global organizations with the information, tools and solutions needed to comply with the new PCI Data Security Standard (DSS). Deadline dates for compliance are imminent, with the first 6.6 requirement of installing an application-layer firewall in front of all Web-facing applications taking effect from June this year.
Key components of the initiative are education and expert resources, commencing with a PCI compliance Webinar, featuring guest speaker Chris Christiansen, vice president of Security Products and Services, IDC. A dedicated Secure Computing Website has also been developed to help educate organizations about the 12 major PCI requirements and provide information on how security solutions and best practices can help them comply with the new standard.
Secure Computing of San Jose, California delivers a comprehensive set of solutions that help customers protect their critical Web, email and network assets. The company also offers a suite of comprehensive solutions to help organizations comply with the new standard, including Sidewinder, its network and application-layer firewall that fulfills the first requirement by defending networks and Internet-facing applications from all types of known and unknown malicious threats.
PCI DSS is an accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information. PCI DSS was created jointly in 2004 by Visa, MasterCard, Discover and American Express. It clearly outlines the 12 key requirements with which companies processing, storing, or transmitting payment card data must comply or risk losing their payment processing abilities. Merchants and payment card service providers must validate their compliance periodically with auditors.
"With the recent rise in data breaches containing credit card information and the alarming increase in identity thefts, the implementation of a sound information security program is no longer optional," said Chris Christiansen, vice president of Security Products and Services, IDC. "Companies processing credit card information must embrace and implement solid data protection strategies to ensure the confidentiality and integrity of their customers' confidential information. The cost of compliance is far less expensive than the cost of remediation, which more often than not also includes the high price of lost public confidence and overall brand equity."
With the deadline dates for compliance with PCI DSS looming, payment processing companies must implement solutions to protect their customers' personal data.
Secure Computing offers a suite of integrated and secure solutions to help companies comply with all of the PCI requirements in the following ways, including Secure Computing Sidewinder that satisfies both PCI requirements for network and application firewalls with one comprehensive solution, enabling organizations to comply with the 6.6 requirement by the June 30, 2008 deadline. Secure Computing SnapGear, which provides cost effective VPN (virtual private network) security for retail stores, franchises or any point-of-sale deployment, Secure Computing SafeWord that provides strong authentication for remote and admin access for in-scope PCI systems, Secure Computing IronMail, which automatically discovers and encrypts or blocks emails containing Primary Account Number (PAN) based on policy, and Secure Computing Webwasher, which helps prevent phishing and other malware attacks targeting PANs and user data.
These solutions also help ease the burden of compliance with many other industry regulations, including the Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley Act of 2002 (SOX), and more.
"In addition to protecting against the onslaught of security threats, organizations today are required to demonstrate compliance with a growing number of industry regulations and standards," said Ken Rutsky, vice president of product marketing at Secure Computing. "Secure Computing recognizes the challenges facing our customers, and is committed to helping them simplify the process by providing all-in-one security and compliance solutions from one trusted vendor."
As part of its initiative, Secure Computing is participating in the PCI Security Standards Council, an open global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.
The PCI Security Standards Council's mission is to enhance payment account data security by fostering broad adoption of the PCI Security Standards. The organization was founded by American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International.
Participating organizations have an opportunity to influence the direction of PCI standards through active involvement in community meetings, advance review of drafts of standards and supporting materials, and regular dialogue with key stakeholders.
