GLBA News

Total Card Assures PCI DSS Compliance with Configuresoft

(Oct 08, 2007)-- Configuresoft, an innovator in systems management technology and the creator of enterprise Configuration Intelligence, announced Total Card, has selected Configuresoft’s Enterprise Configuration Manager (ECM) to achieve continuous compliance with PCI DSS (Payment Card Industry Digital Security Standard) across its distributed computing infrastructure.

Total Card, a leading third party credit card servicer, has issued more than a million VISA and MasterCard credit cards. Business growth and swift adoption of technology such as virtualization made maintaining the security and compliance of their diverse and rapidly changing IT environment a daunting manual task for the IT staff. Total Card turned to ECM to ease the burden.

“It is vital that our critical assets and customer information is protected,” said Troy Clavel, chief information officer, Total Card, Inc. “Configuresoft provides the solutions and expertise to enable us to automate, audit and report on the processes across our entire IT environment and meet the PCI Digital Security Standard. Securing the vast amounts of customer data entrusted to Total Card, ensuring our internal processes are auditable, and meeting the PCI DSS requirements is a massive task. ECM deployed quickly, and within days ensured that Total Card is continuously compliant with the standard. Using the ECM solution, we will be extending our compliance verification to SOX, GLBA and HIPAA over the next few months.”

ECM addresses all six PCI security areas, through a continuous process which assures PCI DSS compliance 24 x 7. ECM quickly discovers, analyzes and automatically eliminates PCI compliance deficiencies such as password policy violations and vulnerable machine configurations. Rapid deployment across the enterprise enables customers to reduce the time to prepare and the cost of PCI audit by over 70%.

The PCI DSS is the payment card industry’s effort at self regulation. It creates a unified security standard that reduces the risk of card fraud and governs the safekeeping of cardholder information throughout the transaction process. It applies to any and all merchants, service providers and acquirers that store, process or transmit cardholder data.

Share or bookmarklet this web page at: