Watch TV Using Your Mac
Posted by admin on May 13th, 2008 filed in Computer
The Payment Card Industry Data Security Standard (PCI DSS) was developed as a set of requirements for companies that process, store and transmit credit card data, to help merchants adopt consistent data security across all credit card brands.
The PCI Security Standards Council maintains and updates the standard. Compliance programs and penalties are enforced by each payment brand.
When assessing PCI compliance solutions, enterprises should look for products that offer complete PCI coverage in case the standards change.
PCI also includes requirements in processing. The complete requirements include three levels of validation:
1. On-site security audit
2. Self-assessment questionnaire
3. Network scans
The level of validation required, its frequency and the validation effort depend on risk and on transaction costs or volume.
The actual costs of a data security breach
A data security breach can cost a company an average of $182 per record in legal and other expenses. That figure excludes the cost of a damaged reputation, lost competitive advantage and lost customers because of the breach, and the cost of litigation if charges are pressed. Merchants that store cardholder data must also consider the possibility of fines for non-compliance and the risk of increased transaction costs.
Here are some examples of recent major breaches in the retail sector.
TJX
45.6 million credit card numbers and bank card were stolen.
DSW Shoe Warehouse
Compromised credit card numbers of about 1.4 million customers and driver's license information of around 96,000 customers.
Card Systems
Compromise of information for 40 million holders of credit cards.
Marriott International
Compromised credit card information and Social Security numbers of 206,000 customers and employees.
Polo Ralph Lauren
180,000 customers' credit cards compromised.
Sam’s Club / Wal-Mart
Credit card data of an unspecified number of customers was compromised.
More PCI requirements becoming law
In May 2007, Minnesota became the first state to write PCI requirements into state law, requiring any company that suffers a data security breach to reimburse banks for the costs they bear in blocking and reissuing cards.
12 steps to PCI compliance
The following is a list of the 12 requirements of the PCI DSS.
1. Install and maintain a firewall configuration to protect cardholder data.
2. Do not use vendor-supplied defaults for system passwords and other security settings.
3. Protect stored cardholder data.
4. Encrypt transmission of cardholder data across open, public networks.
5. Use and regularly update anti-virus software.
6. Develop and maintain secure systems and applications.
7. Restrict access to cardholder data by business need-to-know.
8. Assign a unique ID to each person with computer access.
9. Restrict physical access to cardholder data.
10. Track and monitor all access to network resources and cardholder data.
11. Regularly test security systems and processes.
12. Maintain a policy that addresses information security.
Merchant and service provider compliance levels
Merchant levels
1. Level 1: Merchants with more than 6 million credit card transactions per year across all channels, including e-commerce.
Compliance: annual on-site PCI data security assessment and quarterly network scans.
2. Level 2: Merchants with 1 to 6 million credit card transactions per year.
Compliance: annual self-assessment and quarterly network scans.
3. Level 3: Merchants with 20,000 to 1,000,000 credit card e-commerce transactions per year.
Note: same as level 2 merchants.
4. Level 4: Merchants with fewer than 20,000 credit card e-commerce transactions per year.
Compliance: annual self-assessment and annual network scans.
Service provider levels
1. Level 1: All processors and payment gateways.
Compliance: annual on-site PCI data security assessment and quarterly network scans.
2. Level 2: Any service provider that is not in level 1 and stores, processes or transmits more than 1 million credit card accounts / transactions per year.
Note: same as level 1 service providers.
3. Level 3: Any service provider that is not in level 1 and stores, processes or transmits fewer than 1,000,000 credit card accounts / transactions per year.
Compliance: annual self-assessment questionnaire and quarterly network scans.
PCI DSS changes
The PCI security standards have been updated to address implementation issues, in particular:
• Hosting provider requirements.
• New provision that malware such as spyware and adware be covered by anti-virus capabilities.
• Requirements regarding application code review or a firewall.
• requirement of a policy to control the units in connection with
• Appendix A - PCI DSS scope for hosting providers.
• Appendix B - Compensating controls.
See the standard [http://www.pcisecuritystandards.org/pdfs/pci_summary_of_pci_dss_changes_v1-1.pdf] for more information.
Deadlines / penalties
The deadline for PCI compliance has passed. Visa believes that only 36 percent of level 1 merchants and 15 percent of level 2 merchants are PCI compliant.
Effective October 1, 2007, acquirers whose transactions qualify for lower interchange rates must ensure that the merchants generating those transactions are PCI compliant to receive this benefit.
In 2006, Visa levied $4.6 million in fines against companies that did not comply, up from a total of $3.4 million in 2005. Source: VISA [http://usa.visa.com/about_visa/press_resources/news/press_releases/nr367.html]
A further consideration on protecting stored data
Just one compromised backup tape can cost a company its reputation, a competitive advantage and thousands of dollars in fines. There are also the costs to customers, the many calls that will be received about how and why the breach happened, the cost of business lost as a result of the breach, and so on.