What is PCI DSS?
The Payment Card Industry Data Security Standard (PCI DSS) was created by the major card brands - American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. - and has been administered by the PCI Security Standards Council since 2006. It is a worldwide standard that defines a set of security controls intended to protect cardholder data wherever it is stored, processed or transmitted during electronic transactions. Compliance with PCI DSS is mandatory for any merchant or other organization that accepts payment cards. Data breaches resulting from non-compliance expose merchants to substantial fines from the card brands and their acquirers.
While the media thrive on scandalous incidents at high-profile companies, it must be understood that payment card data attacks target organizations of all sizes. One of the largest known breaches to date involved the theft and sale of more than 40 million credit and debit card numbers from the systems of major US retailers, but there are also reports of very small merchants being hit. The repercussions of a breach, large or small, are severe: from direct financial losses to reputational damage, the final outcome is a loss of consumer trust and declining e-commerce revenue.
What is the ultimate goal of PCI?
The standard aims to promote and enforce documented best practices and technologies that create a secure environment for electronic transactions, thereby supporting consumer confidence and the growth of e-commerce.
What are the PCI DSS best practices?
To comply with PCI DSS, any business that accepts even a single credit card payment has to implement a set of controls whose scope is determined by a full assessment of the IT systems that store, process or transmit cardholder data. PCI DSS also specifies how often assessments must be repeated and requires the scope to be re-evaluated as IT systems and network connections change. There are 12 PCI DSS requirements, structured under 6 major goals:
- Build and maintain a secure network
- Protect cardholder data
- Maintain a vulnerability management program
- Implement strong access control measures
- Regularly monitor and test networks
- Maintain an information security policy
How can Bee Ware help you to become compliant?
The use of a Web Application Firewall (Requirement 6.6) and recurring vulnerability assessments (Requirement 11.2 calls for network vulnerability scans at least quarterly) are key requirements that contribute to PCI DSS compliance.
PCI DSS Requirement 6: Develop and maintain secure systems and applications. Point 6.6 was a best-practice recommendation until June 2008; since then the standard has evolved and 6.6 is now a fully-fledged, mandatory requirement:
For public-facing Web applications, address new threats and vulnerabilities on an ongoing basis and ensure these applications are protected against known attacks by either of the following methods:
- Reviewing public-facing Web applications via manual or automated application vulnerability security assessment tools or methods, at least annually and after any change
- Installing a Web-application firewall in front of public-facing Web applications