San Jose-based Vormetric IT audit firm Coalfire has released guidance for using Vormetric Transparent Encryption to satisfy Payment Card Industry Data Security Standard (PCI DSS) 3.0 requirements in sections 3, 7, 8, 9, 10 & 11 within VMware environments.
Enterprises are dedicating increasing resources to security and risk. Nevertheless, attacks are increasing in frequency and sophistication. Security and risk leaders need to fully engage with the latest technology trends if they are to define, achieve and maintain effective security and risk management programs that simultaneously enable business opportunities and manage risk.
Early Warning fraud prevention with its equity investment and commercial agreement through Payfone. Early Warning will now provide carrier-based device and account owner identity authentication combined with unrivaled financial transaction and identity data, ensuring a secure and seamless mobile experience for financial services customers. Mobile devices are becoming a proxy for identity. By integrating with the network-based authentication capabilities of tier one mobile carriers via Payfone, Early Warning will provide a deterministic level of mobile identity that far surpasses traditional and device-centric authentication measures. By leveraging the same SIM card-based network authentication that mobile operators use to secure their own services, Early Warning can verify account logins and financial transactions with more precision and convenience.
Arise Virtual Solutions Inc., the leading global provider of virtual business process outsourcing (BPO) solutions, today announced it received the highest standard and compliance for processing customer transactions for the 8th year in a row. Arise is certified as a Level 1 Service Provider in the United States, Canada, the United Kingdom and Ireland with…
Harland Clarke Marketing Services at its production facility have received PCI DSS certification with Verizon Business assessment required for certification. Harland Clarke’s Card Services business also received an Attestation of Compliance with PCI standards from Verizon Business. Within Harland Clarke implements a defense-in-depth strategy, which combines physical control measures with logical control measures, uses a layered security model to provide end-to-end security of client and customer information, and mitigates risk across the supply chain.
MICROS Systems information technology solutions for the hospitality and retail industries has formed an alliance with Trustwave to now offer clients the managed Unified Threat Management (UTM) service and “TrustKeeper 3.0.” This will help MICROS clients achieve and maintain compliance with the PCI DSS in conjunction with all of MICROS’s PA-DSS validated products. MICROS offers a complete portfolio of 19 different PA-DSS validated products and client tokenization for cardholder data. The managed Unified Threat Management (UTM) service enhances the security offered by tokenization. Trustwave’s UTM core technology includes a firewall to regulate traffic that enters and exits the network; gateway anti-virus to stop viruses before they enter a network; Virtual Private Network (VPN) support to ensure confidentiality and security of communication between the merchant and remote employees; and in-line Intrusion Prevention System (IPS) which supplements the firewall to stop attacks at the application layer before it can penetrate network operations. The “TrustKeeper 3.0” Web portal which helps streamline compliance validation for all MICROS clients.
SaaS SecureWorks will continue to help organizations meet the Data Security Standard (DSS) version 1.2. SecureWorks is a Qualified Security Assessor Company and also an
Approved Scanning Vendor for PCI which enables SecureWorks to provide Reports on Compliance and to provide external and/or internal vulnerability scanning services required as part of the DSS version 1.2 specification. SecureWorks provides firewall and other device reporting, monitoring and management services that can ensure that technologies are appropriately
placed to segment the network to protect cardholder data from internet and internal threats. Our workflow and reporting provide an audit trail that firewall policies are reviewed as needed and no less often than required by PCI. PCI DSS version 1.2 changed the requirement to review firewall policies from every quarter to every six months.