PCI : White Paper

Aligning Application Security and Compliance

Apr 6 2011 in All, IT Security by Editors

Application Security, the Next Frontier of Compliance Application security is moving to the forefront Enterprises have gone to great lengths to improve information security and document compliance with regulations and industry standards like Sarbanes-Oxley, PCI DSS, HIPAA, FFIEC, FISMA and ISO 2700x. But one critical area is only now coming into focus: application security.

Tags: application security, area, coming into focus, Compliance, compliance application, critical area, document, document compliance, download, dss, FFIEC, fisma, Frontier, great lengths, information security, ISO, oxley, PCI, Sarbanes
Comments Off

PCI-DSS Complian ce and GFI Software Products

Apr 6 2011 in All, IT Security, Security by Editors

The Payment Card Industry Data Security Standard (PCI DSS) compliance is a set of specific security standards developed by the payment brands* to help promote the adoption of consistent data security measures that are needed to protect sensitive payment-card information. The standard applies to all organizations which hold, process, or exchange cardholder information from any [...]

Tags: american express, Compliance, consistent data, Data, data security, exchange, Express, Financial, GFI, gfi software, international mastercard, Payment, payment brands, PCI, security measures, security standards, sensitive payment, set, Software, visa inc
Comments Off

Securing Custom Application Credentials

Mar 28 2011 in All, IT Security, Security by Editors

It is not unusual for many small and medium-sized businesses to have several custom applications running in their environments. These applications range from customer facing websites, internal intranet web sites, windows applications, windows services, and small utility programs that run on a schedule. In a distributed environment these various custom applications all need access to [...]

Tags: administrative nightmare, basis, Business, Compliance, compliance requirements, config files, core problem, Credentials, custom applications, customer, domain, domain accounts, intranet web, KEMU, machine accounts, medium sized business, medium sized businesses, PCI, Securing, security
Comments Off

How to comply with the Payment Card Industry Standard – Astaro OrangePaper

Mar 22 2011 in All, Security by admin

The Payment Card Industry Data Security Standard (PCI DSS) requires minimum standards of security from any organization that handles payment cards or credit cards. The details of the security requirements vary with the size of the organization, but in each case, three steps are required. Risk Assessment Safeguards Implementation based on the Risk Assessment Vulnerability [...]

Tags: Assessment, Astaro, credit, credit cards, Data, data security, download, dss, effectiveness, organization, Payment, payment cards, PCI, risk assessment, safeguards, security requirements, three steps, Vulnerability, vulnerability assessment
Comments Off