
PCI DSS and Net Report
What is PCI DSS?
PCI DSS stands for Payment Card Industry (PCI) Data Security Standard (DSS). It was developed by the major credit card companies as a guideline to help organizations that process card payments prevent credit card fraud, hacking and other security issues. A retailer processing, storing, or transmitting credit card numbers must be PCI DSS compliant or risk losing the ability to process credit card payments.
PCI DSS reflects the combined interests of VISA, MasterCard, Discover, American Express and JCB. These five credit card brands agreed on a common set of security standards. Prior to this, each card brand managed its own set of requirements:
- MasterCard - Site Data Protection (SDP) Program
- VISA - Cardholder Information Security Program (CISP) and Account Information Security (AIS)
- Discover - Discover Information Security and Compliance
- American Express - Data Security Operating Policies
Merchants and Service Providers must validate compliance with an audit by a PCI DSS Qualified Security Assessor (QSA).
Net Report's Solution
Net Report's PCI Compliance Suite helps your IT staff to respect key mandates of PCI DSS Version 1.1. PCI DSS mandates that an information security policy must be established, published, maintained and disseminated. This policy includes:
- A process to identify and assess threats, vulnerabilities and risks.
- A formal annual review and subsequent updates when the environment changes.
Net Report enables organizations processing credit card transactions to respect these mandates: to collect and archive data, and to monitor, report and alert on all systems and applications that contain sensitive cardholder data. For example, Net Report manages the following security events.
- Security Events:
  - Failed system-level and application-level login attempts
  - Failed access attempts to files or application data
  - IDS/IPS events
  - Exploitation of a system by a virus, worm or an unauthorized individual (hacking)
- Configuration Changes:
  - Routers
  - Firewalls
  - Hosts
  - Applications
  - Other IT assets that are part of the credit card process
- Asset Changes:
  - Applications being installed or removed
  - Addition or removal of user and group accounts
  - Service Changes
- Vulnerabilities
  - Understanding vulnerabilities resident on an asset
Net Report's Training Workshops
The changes to business processes reflecting the requirements of PCI DSS will bring about important training needs for employees in the business. We can help identify training needs and run subsequent programs for relevant staff, including senior management training explaining their responsibilities.
Improve your understanding of the issues raised by the Internal Controls required by key international regulations: Basel II, Sarbanes-Oxley (SOX), SEC 17a-3, a-4, NASD 3010, 3110, PCI DSS, Tabaksblat Code, Lippens Code, La Loi de Sécurité Financière (LSF) that affect the IT function within your organization. Please contact our Senior Consultant, Nerys Grivolas, for more information: nerys@netreport.fr
Our interactive Training workshops cover the related Governing Bodies (PCAOB, AMF...), the key internal control frameworks: COSO, COBIT, ISO/IEC 27002 (17799) and the relationship and alignment between them. We tailor the content of our workshops to your needs; according to the range of topics you select, the workshops can range from 1-2 days.
Bringing your company's security up to meet the regulatory standards may require various changes, for example managing the reams of log data in your database and managing your database volumes. We help you store, aggregate and purge your data, decrease your database volumes and easily analyze and report pure business intelligence knowledge in real-time, tailored to each of your departments' specific needs. Please contact us to see how we can help you: sales@netreport.fr