White Papers for Federal Financial Institutions Examination Council (FFIEC)

Simplifying the Scope of the PCI Audit

Apani

The threshold for PCI compliance is simply a minimum standard. Retailers recognize that failure to satisfy the Payment Card Industry Data Security Standard (PCI DSS) requirements and lead to financial penalties and leave the organization vulnerable to attack. The PCI standard has very specific requirements. No single product, procedure or policy can satisfy all of the requirements. As part of a total solution or PCI, Apani EpiForce can restrict access to cardholder data with logical security zoning and policy based encryption of data in motion. Logical security zones isolate systems that store, process or transmit cardholder data. For companies unable o encrypt credit ard data at rest, compensating ontrols may be considered. Compensating controls restrict access cardholder data with added security zones and policy based encryption of data in motion. EpiForce provides a solution to block the connectivity of unauthorized sers r devices and is n excellent option or achieving CI compensating controls.

View the White Paper

Share or bookmarklet this web page at: