New Software For PCI DSS Compliance

13 Jun 10:44

GFI Software has released the GFI PCI Suite, a package aimed at helping companies meet the strict requirements and tight deadlines imposed by the Payment Card Industry Data Security Standards (PCI DSS) and comply with the majority of automated processes required for compliance.

The GFI PCI Suite provides a centralized management console through which systems administrators can deploy the PCI DSS enhanced versions of GFI EventsManager and GFI LANguard N.S.S. - two solutions that help controlling network security and meeting the directives imposed by PCI DSS. GFI EventsManager boosts PCI DSS compliancy efforts by alerting administrators on key events occurring on the network while GFI LANguard N.S.S. allows IT professionals to identify network security weaknesses and fix them before these are exploited.

Credit card fraud was the most common form of identity theft at 25 per cent of all reported occurrences in 2006, with more than USD 48 billion lost by financial institutions and businesses in that year and USD 5 billion lost by individuals. E-commerce fraud is also on the rise, reaching 3 billion in 2006 with an increment of 7 per cent over 2005. In order to reduce credit/debit card fraud, the 5 major card industries created a set of security best practices, PCI DSS, with which payment card industry businesses must comply. Merchants processing over 6 million credit card transactions must become PCI DSS compliant by September 30, 2007 while those processing between 1 and 6 million credit card transactions have until December 31, 2007. Non-compliant companies are liable to various sanctions including hefty fines of up to USD 500,000 per security breach and restrictions on card processing privileges.

Related links: (Open in a new window.)
www.gfi.com/downloads/downloads.aspx?pid=pci&lid=en

Taken from Information Security Bulletin.