Secure Computing initiative to help payment processing firms comply with Data Security Standard

The Initiative, which will focus on education and expert resources, aims to provide global organizations with the information, tools, and solutions they need to comply with the new PCI Data Security Standard (DSS), which has initially imposed a June 30, 2008 deadline for meeting the 6.6 requirement of installing an application-layer firewall in front of all Web-facing applications.

The Initiative kicked off with a free 75-minute Webcast titled "Straight Talk with IDC: How to Stay out of the Headlines with PCI Compliance," featuring IDC's Chris Christiansen. The seminar included actual case studies and examples of customers that have met PCI requirements, and discussed compliance costs and benefits, implementation hurdles, technology solutions, and best practices. Secure Computing has also developed a dedicated Website to educate organizations about the 12 major PCI requirements and provide information on how security solutions and best practices can help them comply with the new standard.

"With the recent rise in data breaches containing credit card information and the alarming increase in identity thefts, the implementation of a sound information security program is no longer optional. Companies processing credit card information must embrace and implement solid data protection strategies to ensure the confidentiality and integrity of their customers' confidential information. The cost of compliance is far less expensive than the cost of remediation, which includes the high price of lost public confidence and overall brand equity," said Chris Christiansen, Security Products and Services Vice President, IDC.

PCI DSS is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information. PCI DSS was created jointly in 2004 by Visa, MasterCard, Discover and American Express. It clearly outlines the 12 key requirements with which companies processing, storing, or transmitting payment card data must comply or risk losing their payment processing abilities. Merchants and payment card service providers must validate their compliance periodically with auditors.

Secure Computing's solutions to help organizations comply with the new standard include: Sidewinder, the award-winning network and application-layer firewall that fulfills the first requirement by defending networks and Internet-facing applications from known and unknown malicious threats; SnapGear , which provides cost effective virtual private network security for retail stores, franchises or any point-of-sale deployment; SafeWord, which strongly authenticates remote and admin access for in-scope PCI systems; IronMail, which is capable of automatically discovering and encrypting or blocking emails containing Primary Account Number (PAN) based on policy; and Webwasher®, which helps prevent phishing and other malware attacks targeting PANs and user data.

"In addition to protecting against the onslaught of security threats, organizations today are required to demonstrate compliance with a growing number of industry regulations and standards. Secure Computing recognizes the challenges facing our customers, and is committed to helping them simplify the process by providing all-in-one security and compliance solutions from one trusted vendor,"

said Nimer Ghazal, Regional Sales Manager, Secure Computing.