| Title | Date Added | Company | |
|---|---|---|---|
![]() |
Implementing PCI: A Guide for Network Security Engineers | 2007-09-01 | Juniper Networks |
| This paper provides architectural guidance for network security engineers who are responsible for implementing systems and technologies that are in compliance with the PCI Data Security Standard (PCI DSS). It analyzes the requirements that are specifically related to network security and describes approaches for achieving compliance in accordance with the spirit of the standard, while respecting the cost of deployment. At the conclusion, a section covering next steps for the network engineer provides general guidance for the engineer chartered with implementing PCI compliant network architecture.
Tags: Data Recovery - Security |
|||
![]() |
Microsoft Webcast: Reducing Risk and Improving Your Compliance Documentation and Communication Capabilities (Level 100) | 0000-00-00 | Microsoft |
| The cost and effort of meeting compliance regulations, such as the Sarbanes-OXley (SOX) Act and the Health Insurance Portability and Accountability Act (HIPAA), are key concerns for finance executives. Many companies are also interested in easy and intuitive compliance reporting capabilities. This webcast presents an illustrative solution of how the organization can take advantage of familiar technology to enhance the compliance documentation productivity and communicate more easily; improve communication impact with a visual representation of risks and controls; and reduce the risk of noncompliance with intuitive visual monitoring.
Tags: Sarbanes-Oxley, HIPAA |
|||
![]() |
Managed File Transfer and the PCI Data Security Standards | 2007-08-28 | Ipswitch |
| The Payment Card Industry (PCI) Data Security Standards (DSS) are intended for use by merchants, financial processors, point-of-sale vendors, and banks, credit unions and other financial institutions that transmit, process and/or store credit cardholder data. Standard Networks is a Participating Organization of the PCI Security Standards Council and has written this document to help companies understand how the standards apply to file transfer products in general, and how MOVEit secure Managed File Transfer (MFT) products by Standard Networks can help them to achieve and demonstrate compliance with the PCI DSS.
Tags: Security Management, Data Recovery - Security |
|||
![]() |
How Can Identity and Access Management Help Me With PCI Compliance While Improving My Overall Security? | 2007-08-28 | CA (Computer Associates) |
| Compliance with the requirements of the PCI standard has become a business imperative for firms that process significant numbers of credit card transactions, or provide any type of credit card services to other organizations. Although these requirements are based on industry best practices, it is unlikely that most organizations would initially comply with this standard without improvements in their IT security processes and system, as well as their business processes. Compliance with PCI requires a concerted effort, typically involving multiple groups within the IT organization. Although changes to various IT processes are usually involved, the adoption of specific technology solutions can greatly aid the compliance effort.
Tags: Security Management |
|||
![]() |
Spyware: Know Your Enemy | 2006-12-20 | MessageLabs |
| Like Macavity, the fictional feline in T. S. Eliot's well-known poem, spyware may be considered to be responsible for a whole host of present-day crimes; but unlike the Mystery Cat, not all spyware is clever enough to leave no trace of its guilt - although that may already be changing.
This White Paper profiles spyware and prescribes the various ways organizations can meet the threat head on. Tags: Security Management, Best Practices, Spam - E-mail Fraud - Phishing, Spyware |
|||
![]() |
Improving Your PCI Compliance Quotient | 2007-08-23 | Symantec |
| Improving compliance for PCI is more than checking-off the compliance box. PCI is fundamentally about the procedures and controls needed to protect the organization from negative financial consequences from a customer data loss or theft. The attendee of this webcast will learn: how to reliably estimate the likelihood of a data loss or theft for their organization; the intimate connection between good compliance and data protection; about the financial risk of a data loss or theft; financial returns for compliance and data protection; and about the five key actions to improve results for PCI. The webcast will also discuss Symantec Control Compliance Suite 8.5 features and functionality, and identify how they map to PCI requirements.
Tags: Security Tools, Security Management |
|||
![]() |
Payment Card Industry (PCI) Security Awareness Training | 2007-08-16 | State of California |
| Credit card information is regulated by the Payment Card Industry (PCI) Data Security Standard (DSS). This Standard is a set of data security requirements that apply to all employees, merchants, vendors, service providers, contractors and business partners who store, process or transmit sensitive credit cardholder data, as well as to all system components included in or connected to or the cardholder data environment. The PCI DSS includes 64 specific requirements. | |||
![]() |
PCI DSS and HIPAA: The Security Standards Share Common Ground | 2007-08-01 | CSRSI |
| One of the greatest challenges that the electronic transactions industry faces today is the issue of security requirements under various rules and regulations. For most people in the industry, the issue is focused on the specifics of the Payment Card Industry Data Security Standard (PCI DSS), but the issue may be much broader than that. Many other security sets are currently operative and they interface with the merchant population that the industry serves. Federal legislation with security requirements include HIPAA (the Hospital Insurance Portability and Accountability Act) of 1996 Title II, the Graham-Leach-Bliley Act of 1999, ground in the merchant services field.
Tags: Security Management, HIPAA |
|||
![]() |
Data Security Standards: Integrity and Availability | 2007-07-31 | University of Michigan |
| The Data Preservation Alliance for the Social Sciences (Data-PASS) was formed to take shared responsibility for the long-term accessibility to social science datasets that are of value to current and future researchers and policy-makers. To maintain accessibility and support dissemination, the quality and integrity of the information within and about a data collection must be controlled throughout the various stages in its life-cycle. This paper outlines standards for the security of materials acquired for the Data-PASS project. Based on current security procedures already in place at each organization, these standards protect against the destruction and loss of the data, whether through natural disasters, fire, vandalism and/or error. | |||
![]() |
PCI Data Security and Classification Standards | 2007-07-27 | University of Houston |
| Data security should be a key component of all system policies and practices related to payment acceptance and transaction processing. As customers seek out merchants that are reputable and reliable, they expect assurance that their account information is being guarded and their personal data is safe. This paper gives details about PCI (Payment Card Industry) standards.
Tags: Data Recovery - Security |