If your business accepts credit or debit card payments from its customers, chances are you'll be only too aware of Payment Card Industry Data Security Standards (PCI DSS) compliance - which offers comprehensive standards to enhance payment card data security.
So unless you've had your head buried in the compliance sands you'll know that version 2.0 of the standard ends life in December 2014, ready for January 2015 when version 3.0 officially kicks in. There's no doubt that the standards provide important guidance as the security landscape changes. It aims to provide a stronger focus on some of the greater risk areas in the threat environment and help businesses to manage evolving risks / threats. But with a myriad of updates, 3.0 has the potential to leave IT managers and PCI internal auditors scrambling to ensure they comply with the upgraded standard and stay audit ready, particularly when it comes to network security.
What's clear is the changes will be time consuming and challenging for network owners. It simply won't be possible for network security teams to manually integrate the new policies, the management and testing required for compliance, while still carrying on with everyday tasks.
We're here to help and guide you through the PCI DSS 3.0 maze! You can find out more on our website here as well as checking out the following resources:
- Best Practice for PCI DSS 3.0 Network Security Compliance whitepaper: This paper provides information to IT managers and PCI internal auditors for understanding network security needs and best practices around credit card threats and the related requirements for PCI DSS 3.0 audits. Content includes seven PCI best practices for network security and a quick PCI DSS network security checklist.
- Register Now for the PCI Webinar: December 15 - Has Your Network Security Team Completed the Move to PCI DSS 3.0?: We'll look at best practices for planning your network security and ongoing network management, within the requirements of PCI DSS 3.0. We will also share lessons learned from leading retail and finance companies.
Rather than a cause for concern, PCI DSS 3.0 can actually be an opportunity to get your compliance house in order. It's possible for companies to substantially reduce the time and cost of PCI compliance at a device level - firewalls, routers – as well as related network security infrastructure. In fact, if managed properly its possible to reduce audit preparation time by more than 50%.