Janco


 


Janco Newsletter

Compliance Newsletter

December 8, 2008

Credit card companies are requiring their acquirers to certify that all merchants and all processors meet PCI-DSS requirements. If you are using a payment application, it had better be on the PCI-DSS compliant list, and your web server had better be PCI-DSS compliant. With the first hard deadline for compliance with the Payment Card Industry's (PCI) Data Security Standard (DSS) just around the corner, merchants are ramping up efforts to get their houses in order. Many level three (20,000 to 6,000,000 transactions per year) and level four (fewer than 20,000 transactions per year) merchants have not complied and may miss the next deadline and be fined.

IN THIS ISSUE

PCI-DSS Compliance Kit Helps Level 4 Merchants

Internet & IT Job Descriptions - 2009 Version released

PCI-DSS Compliance Kit Helps Level 4 Merchants

Credit card companies aim to secure cardholder data wherever it resides, requiring that members, merchants, and service providers maintain the highest information security standards. While the threshold for PCI compliance is only a minimum standard, businesses recognize that failure to meet PCI requirements can lead to both financial penalties and long-term damage to customer trust and brand equity.

PCI requirements maintain that companies shall encrypt data at rest, which is a challenging and expensive endeavor for most retailers to undertake. 
The PCI DSS security requirements apply to all "system components." A system component is defined as any network component, server, or application that is included in or connected to the cardholder data environment. The cardholder data environment is that part of the network that possesses cardholder data or sensitive authentication data. Network components include but are not limited to firewalls, switches, routers, wireless access points, network appliances, and other security appliances. Server types include, but are not limited to the following: web, database, authentication, mail, proxy, network time protocol (NTP), and domain name server (DNS). Applications include all purchased and custom applications, including internal and external (internet) applications.

The PCI-DSS Compliance Kit aids level 4 merchants with infrastructure tools that address issues that all of these merchants face.

  • PCI-DSS Coordinator - With the onset of the new compliance requirements, Level 4 merchants need to have one point of contact for all of the issues associated with meeting the requirement.
  • e-Commerce, wireless, and Internet personnel - The PCI-DSS standard hits all of these areas, and the personnel involved need to understand the new responsibilities that they have.
  • Formal Security Audit Program - With the onset of the mandated requirement, a formal audit program is required of even the smallest merchant.
  • Security Policies and Procedures - Structure and rules are required, and many Level 4 merchants do not have the infrastructure in place to address these issues directly.


Internet & IT Job Descriptions - 2009 Version released

The Internet and IT Position Descriptions HandiGuide® has just been updated and is over 600 pages, including sample organization charts, a job progression matrix, and 220 Internet and IT job descriptions. The book also addresses Fair Labor Standards and the ADA, and is in a new, easier-to-read format.

The 220 positions include all of the functions within the IT group. The job descriptions have been updated to be compliant with PCI-DSS, Sarbanes-Oxley, HIPAA, and the ITIL standards. The job descriptions are all structured to focus on "Best Practices" as defined by the IT Productivity Center to meet the requirements of World Class Enterprises. They are ready to use and easily modified to meet your enterprise's unique requirements.

  • Chief Information Officer (CIO)
  • Chief Information Officer (CIO) - Small Enterprise
  • Chief Security Officer (CSO)
  • Chief Compliance Officer (CCO)
  • Chief Technology Officer (CTO)
  • Director Electronic Commerce
  • Director Sarbanes-Oxley Compliance
  • Manager Data Security/Special Project Supervisor
  • Disaster Recovery Coordinator
  • Internet/Intranet Administrator
  • Manager Metrics
  • Metrics Measurement Analyst
  • Manager Wireless Systems
  • Webmaster
  • PCI-DSS Coordinator
  • Programmer
  • Object Programmer
  • Unix System Administrator
  • Windows System Administrator


© 2000 - 2009 Janco Associates, Inc. - ALL RIGHTS RESERVED -- Revised: 02/14/09