Shulou(Shulou.com)06/01 Report--

Privileged account and PCI/DSS

The payment Card Industry data Security Standard (PCI DSS) is a policy developed by the Alliance of Credit Card companies to maintain

The card of the card is safe. PCI DSS puts forward a number of requirements for businesses that store, process and transmit cardholder data.

Requirements include:

All systems used to store, process and transmit cardholder data must be authenticated

Access to cardholder data must be restricted by business instructions.

A unique ID must be assigned to each computer-side visitor

Access to network resources and cardholder data must be tracked and monitored

Question discussion:

Do you have any projects designed to meet PCI compliance standards?

Are you worried about meeting PCI compliance standards?

PCI has been criticized for being demanding. Do you have difficulty deciding how to follow PCI as much as possible?

Do you know anything about the system that stores or transmits cardholder data?

What help can Haiyi's privileged account management system bring?

Minimum user privileges and authentication: Cyber-Ark can perform access levels on a per-user basis. Requirements met:

The only ID

Restrict access according to business needs

Secure review tracking: Cyber-Ark 's review log provides details of visitors, access times, and actions performed for any system.

Requirements met:

Track / monitor resources used to store cardholder data

Compliance criteria: business rules are easily enforced throughout the enterprise by setting master policies.

Application authentication: the system used to process payments must be full-time and fault-free. Cyber-Ark is unique in that it can authenticate through a redundant high-performance architecture.

Visa Best practices for data field encryption: Cyber-Ark conforms to Visa's encryption standard.

A famous sabotage.

TJX was sabotaged in 2007: 45.6 million credit and debit card user information was stolen in 18 months.

In 2010, VeriSign suffered *: * to steal the access to the privileged account. How they stole access and how much data was stolen is unknown.

Customer use ca

Revlon

Emperor Entertainment Group

Sikejie

Pizza Hut

Fulai chicken

Xuhaoping@haiyisec.com

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.