-
Payment Card Industry Data Security Standard Handbook
Clearly written and easy to use, Payment Card Industry Data Security Standard Handbook is your single source along the journey to compliance with the Payment Card Industry Data Security Standard (PCI DSS), addressing the payment card industry standard that includes requirements for security management, protection of customer account data, policies, procedures, network architecture, software design, and other critical protective measures. This all-inclusive resource facilitates a deeper understanding of how to put compliance into action while maintaining your business objectives.
Payment Card Industry Data Security Standard Handbook
With the significant increase of pay-ment card use and rapid advances in technology, today’s organizations enjoy a tremendous amount of benefits brought about by the widespread use of payment cards. However, despite the significant benefits, organizations must address the specific challenges associated with protecting their cardholder data and cardholder data environments.
Holding the Payment Card Industry Data Security Standard (PCI DSS) up to the light of day, Payment Card Industry Data Security Standard Handbook helps organizations proactively protect customer account data, providing a one-stop resource for PCI compliance, including coverage of requirements for security management, policies, procedures, network architecture, software design, and other protective measures.
Written by industry expert Timothy Virtue, this timely book guides, mentors, and assists organizations along their journey to compliance with the PCI DSS and can be used as an initial primer on PCI compliance as well as a reference to support the maintenance and ongoing commitment to PCI compliance. It offers suggested strategies and coverage of topics, including:
- An overall view of the essential components and best practices of a successful information security program
- The network requirements, including configuration, documentation, and testing requirements that must be in place in order to properly secure cardholder data
- The requirements necessary to ensure cardholders are properly protected in the event of a breach or other unauthorized disclosure
- The use of anti-virus software and security patches in order to minimize the overall vulnerability of the cardholder data environment
- Guidelines for developing PCI DSS– compliant Web-based applications
- How organizations should manage access control to the sensitive cardholder data
- How networks must be monitored and tested and what kind of audit trails must be established
- The importance of developing, maintaining, and distributing an information security policy
PCI compliance is not a one-time event or a checked box on an audit form, but an ongoing, sustained process. Filled with practical advice with information that organizations can utilize to achieve and maintain continuous compliance with PCI DSS, Payment Card Industry Data Security Standard Handbook is an authoritative guide that helps readers understand how the PCI DSS requirements fit into every organization’s security framework.
From the Back Cover
Praise for Payment Card Industry Data Security Standard Handbook“While providing insightful guidance on a holistic approach to tackling the Dirty Dozen of PCI, this book also teaches the fundamental principles of information security management. The PCI DSS Handbook is a must-read for all levels of security managers.”
—John Reeder, CISSP, CISM, CISA, CIPP, Vice President, Information Security & Compliance”There’s a lot of noise surrounding PCI compliance. This book is the perfect resource to help clear the air so people can focus on what’s important.”
—Kevin Beaver, security consultant and creator of the Security On Wheels audio programsYour single source for understanding the Payment Card Industry data Security StandardThe significant benefits of extensive payment card use and rapid advances in technology are immense, but also require your organization to address the specific challenges associated with protecting its cardholder data and cardholder data environments.Clearly written and easy to use, Payment Card Industry Data Security Standard Handbook is your single source along the journey to compliance with the Payment Card Industry Data Security Standard (PCI DSS), addressing the payment card industry standard that includes requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures.This all-inclusive resource for payment card industry compliance shows you how your organization can:- Protect cardholder data, with discussion of the requirements necessary to ensure cardholders are properly protected
- Maintain a vulnerability management program in order to minimize the overall vulnerability of the cardholder data environment
- Implement strong access control measures in order to achieve PCI DSS compliance
- Regularly monitor and test networks to find out how networks must be monitored and tested
- Enforce an information security policy and what it must contain in order to be PCI DSS-compliant
Payment Card Industry Data Security Standard Handbook presents an overall view of the essential components and best practices for successful implementation of an information security program, as well as a deeper understanding of how to put compliance into action while maintaining your business objectives.
Published on February 11, 2014 · Filed under: Financial and Banking, PCI-DSS;