All Oracle Applications implementations that "store, process, or transmit cardholder data" must comply with the Payment Card Industry (PCI) Data Security Standard 1.1, regardless of size or transaction volume. The PCI Data Security Standard (DSS) 1.1 is a set of stringent security requirements for networks, network devices, servers, and applications. The standard details specific requirements for security configuration and policies, and all of the requirements are mandatory. PCI DSS is focused on securely handling cardholder data, but it also places significant emphasis on general IT security. This paper reviews the credit card processing features of Oracle Applications and provides general guidance for Oracle Applications implementations on complying with the relevant PCI DSS requirements.

