Evidian NewsDesk » Evidian publishes a white paper on PCI DSS

August 30, 2008

Evidian publishes a white paper on PCI DSS

Evidian has published a white paper that describes how to comply with many areas of the Payment Card Industry Data Security Standard (PCI DSS) with an identity and access management (IAM) solution.

With the rise of electronic commerce, there is a growing public awareness of the dangers of theft of confidential payment card information. PCI DSS is designed to ensure that merchants fulfill detailed security requirements to protect payment card data.

But while the goals of the standard are very legitimate, many organizations have encountered difficulties and delays in implementing PCI DSS.

Can you restrict access to card data to employees whose jobs require it?
Even then, can you really identify users of an authorized account?
How do you review access logs for all card-handling applications?
Do you track default accounts in all resources that handle card data ?

As part of a PCI DSS compliance drive, IAM can ensure that your decisions are enforced. And you can demonstrate to auditors that risks related to payment card data are under control.

Download the white paper here.

Posted to News by Laurent de Jerphanion at 16:25





Categories: Blog News Search: Archives: October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 November 2007 October 2007 September 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 Events: —L’authentification forte dans la gestion des identités et des accès, seminar, Paris, November 25 —Solving identity, access and mobility within the NHS, joint seminar with Microsoft, London, December 9 More: Login RSS Comments RSS	Evidian NewsDesk August 30, 2008 Evidian publishes a white paper on PCI DSS Evidian has published a white paper that describes how to comply with many areas of the Payment Card Industry Data Security Standard (PCI DSS) with an identity and access management (IAM) solution. With the rise of electronic commerce, there is a growing public awareness of the dangers of theft of confidential payment card information. PCI DSS is designed to ensure that merchants fulfill detailed security requirements to protect payment card data. But while the goals of the standard are very legitimate, many organizations have encountered difficulties and delays in implementing PCI DSS. Can you restrict access to card data to employees whose jobs require it? Even then, can you really identify users of an authorized account? How do you review access logs for all card-handling applications? Do you track default accounts in all resources that handle card data ? As part of a PCI DSS compliance drive, IAM can ensure that your decisions are enforced. And you can demonstrate to auditors that risks related to payment card data are under control. Download the white paper here. Posted to News by Laurent de Jerphanion at 16:25