With the PCI Security Standards Council’s release of the PCI Data Security Standard (PCI DSS) Virtualization Guidelines, Cyber-Ark(R) Software, a leading global information security provider for protecting and managing privileged accounts and sessions, critical applications and sensitive information, offers retail and e-commerce organizations guidance on necessary requirements to achieve PCI Version 2.0 compliance, including within…
Cyber-Ark Software global information security provider for protecting and managing critical applications, identities and sensitive information has joined the PCI Security Standards Council as a Participating Organization. This furthers its commitment to enabling enterprise customers to protect cardholder data and make credit card payments more secure by assuming a direct role in the development of evolving PCI Data Security Standard (DSS). Cyber-Ark provides mature Privileged Identity Management and Governed File Transfer technology to address PCI compliance requirements associated with user account management, encryption, and safe exchange and sharing of sensitive information. This development grants Cyber-Ark access to the Council’s latest payment card security standards in order to provide feedback and become part of a growing community that includes more than 600 organizations.
The 2009 3rd annual Cyber-Ark “Trust, Security & Passwords” survey of
more than 400 IT professionals has found 35% of IT workers now access
corporate information without authorization, a 2% increase over the year
ago period. Concerning mostly enterprise class companies in the US and
UK, additional findings show 74% could circumvent security controls
currently in place; 20% of companies have experienced insider IT
security fraud, of which 36% suspect their competitors to have gained;
71% of respondents oversee privileged accounts which are partially
monitored; 35% of IT administrators admitted using administration rights
to access confidential information such as HR records, customer
databases, M&A plans, layoff lists and marketing information. With the
depletion of the economy, Cyber-Ark also saw an increased interest in
appropriate information between 2008 and 2009, such as M&A Plans with 7%
and 47%, respectively; R&D Plans with 13% and 46%, respectively; CEO
Passwords with 11% and 46%, respectively; Financial Reports with 11% and
46%, respectively; Privileged Password List with 31% and 42%,
respectively; and Customer Database with 35% and 47%, respectively. The
full report can be seen at;
The Payment Card Industry Security Vendor Alliance has added eleven new members; ArcSight, BOSaNOVA, CallCopy, Compliance Spectrum, GigaFin Networks, NetClarity, Princeton Softech, an IBM company, TELUS Security Solutions, United Security Providers, and Solidcore, and Ounce Labs.
The Payment Card Industry Security Vendor Alliance has twelve new members that include ADTRAN, AirMagnet, Compliance Security Partners, Compuware, Control Path, Envision Inc., GSI Hosting, Ounce Labs, Patrick Townsend & Associates, Tripwire, Unified Compliance Framework, and Visonys AG. PCI SVA members, all with strong experience in delivering PCI compliance solutions to thousands of customers, will leverage their combined knowledge to support the objectives of the PCI Security Standards Council. PCI SVA’s founding members are ConfigureSoft, Inc., Cyber-Ark, Inc., Modulo Security, Proginet, Inc., Protegrity USA, Inc., Reflex Security and Safe-Net, Inc. The PCI SVA was formed in January 2007 to work with the retail and payment card industries to develop an efficient and cost-effective way to achieve compliance with the PCI Data Security Standards (PCI DSS).
NJ-based Princeton Softech is among the first 24 companies to have joined the Payment Card Industry “Strategic Vendor Alliance”. The PCI SVA was founded by a group of leading data security firms, including ConfigureSoft, Cyber-Ark, Modulo Security, Proginet, Protegrity, Reflex Security and Safe-Net to provide the best in technology solutions and services to retailers, e-commerce companies, financial institutions, payment processors, POS vendors and other organizations that must protect consumer privacy to achieve compliance with the PCI Data Security Standard (DSS). Initiated by MasterCard International and Visa in January 2005, the PCI DSS is a set of twelve multifaceted regulations that represent a unified industry standard for protecting cardholder data that is stored, transmitted or processed. The PCI DSS must be implemented by all members, merchants and service providers that store, process or transmit cardholder information. Fines for non-compliance can range up to 500,000 USD per incident. Princeton Softech provides enterprise data management solutions that address critical business issues.
ConfigureSoft, Cyber-Ark, Modulo Security, Proginet, Protegrity USA, Reflex Security, SafeNet and Verisign data security companies have created The Payment Card Industry Security Vendor Alliance – (PCI SVA). The PCI SVA will assist members of the payment card industry and the PCI Security Standards Council in educating the business community on the requirements and business value of the Payment Card Industry (PCI) Data Security Standard, a global benchmark intended to improve security throughout the entire payment card transaction process. PCI SVA plans to create a series of case studies, seminars, return-on-investment analyses, and white papers to show how organizations may achieve compliance with the PCI DSS requirements efficiently and on-budget.