Payment Card Industry (PCI-DSS) Data Standard

Order PCI kit Download Selected Pages

Payment Card Industry (PCI-DSS) Data Standard - The world has embraced credit and debit cards to support transactions for almost every kind of business. Unfortunately, the data associated with these credit and debit cards are the focus of many identity theft activities, including online hacking, illegal actions by company employees and the physical theft of media such as storage tapes.

The Payment Card Industry (PCI) Data Security Standard (DSS) has been designed to protect the personal information of credit card holders. The PCI Audit Program supports PCI compliance. With Janco's tools - the PCI Audit Program, the Security Manual Template, Sensitive Information Policy, Record Management Policy, Backup and Backup Retention Policy, and Security Audit Program we offer techniques that help organizations develop integrated, end-to-end processes that encompass each aspect of PCI and security planning, management and compliance reporting.

More than one billion people use at least one type of payment card, which supports commercial transactions in almost every business worldwide. Account data and personally identifiable information, referred to in the standard as "cardholder data," is the focus of many identity theft activities, including online hacking, the physical and logical theft of databases stored on a variety of media and other illegal actions by trusted insiders.

PCI Data Security Standard
Build and Maintain a Secure Network	Install and maintain a firewall configuration to protect cardholder data Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data	Protect stored cardholder data Encrypt transmission of cardholder data across public networks open
Maintain a Vulnerability Management Program	Use and regularly update anti-virus software Develop and maintain secure systems and applications
Implement Strong Access Control Measures	Restrict access to cardholder data by business need-to-know Assign a unique ID to each person with computer access Restrict physical access to cardholder data
Regularly Monitor and Test Networks	Track and monitor all access to network resources and cardholder data Regularly test security systems and processes
Maintain an Information Security Policy	Maintain a policy that addresses information security

Order PCI kit Download Selected Pages

This program is specific to the required annual PCI audit. Included in the standard audit program are two policies (one paragraph long) which need to be implemented to meet PCI DSS security requirements. The policies are for "Sensitive Data" and "Record Management (Retention and Disposition)" --the ones provided in the standard package are shorthand versions of the full polices contained in other Janco products which are available individually or in the premium and gold versions of the PCI Audit program.

Both the Premium Version and the Gold Version include copies of Cornerbowl Software's award winning product Network Event Viewer.

The table below shows what is included in each of the three versions of the PCI Audit Program:

Component	Standard	Silver Save 20%	Gold Save 25%	Platinum Save 30%
PCI Audit Program - 62 pages	X	X	X	X
Network Event Viewer - Manage 20 computers		X
Network Event Viewer - Manage 50 computers			X
Network Event Viewer - Manage an unlimited number of computers				X
Sensitive Information Policy - 31 Pages		X	X	X
Record Management - Retention & Disposition Policy - 38 Pages		X	X	X
Security Manual Template - Over 255 pages			X	X
Backup Policy - 10 Pages			X	X
Security Audit Program - 400 Tasks				X
Disaster Recovery / Business Continuity Audit Program - 13 pages				X

Order PCI kit Download Selected Pages