Since Visa mandated the Cardholder Information Security Program (CISP) and MasterCard International introduced its Site Data Protection (SDP) program, many merchants, processors, and acquiring banks have been working diligently to meet their specific requirements. Today's Payment Card Industry Data Security Standard (PCI DSS), which combines requirements of the Visa and MasterCard programs, remains one of the preeminent achievements in the information security industry. As a leading provider of PCI assessments and supporting security services, the VeriSign Global Security Consulting team has performed several hundred PCI assessments since the program's inception. The requirement failures and actual compromises that have been observed during these assessments exhibit common themes. This paper identifies proven tactics that help companies achieve PCI compliance and, more importantly, avoid compromise.

