What is PCI DSS and How Can DLP Help You Achieve Compliance?


Australian organisations are more concerned than ever about PCI DSS compliance. Any organisation that utilises a payment system has to comply with these standards. One of the key ways to ensure you are in compliance with PCI DSS is by utilising data loss prevention solutions.

 

What is PCI DSS Compliance?

 The Payment Card Industry Data Security Standard (PCI DSS) is a set of security requirements that helps organisations protect their payment systems from breaches, fraud, and theft of cardholder data. Developed by the PCI Security Standards Council, PCI DSS applies to any business that processes, stores or transmits cardholder data for the world’s biggest card schemes: American Express, Discover, JCB, MasterCard, and Visa.

PCI DSS is a global industry standard, and compliance is mandated for Australian organisations that accept credit and debit card payments. Failing to meet these standards can often have a negative impact on an organisation's relationships with banks, credit card payment gateways, etc.

Data Loss Prevention and PCI DSS

 Data Loss Prevention (DLP) solutions are some of the most useful tools for PCI DSS compliance on the market. Because their policies are applied directly to sensitive data rather than to devices or the whole network, they ensure that cardholder information is identified, logged, and controlled in order to meet PCI DSS requirements.

Many Data Loss Prevention solutions do this through predefined policies for standards such as PCI DSS, which means companies don’t have to waste time building policies from scratch: DLP developers have already identified which sensitive data needs to be protected and have built in the definitions for it. Endpoint Protector from CoSoSys is a DLP solution that ships with predefined PCI DSS policies and can be used right out of the box, saving organisations time and resources.

By knowing where data is located and how it is being used, companies can begin to build efficient data protection strategies, addressing identified issues rather than taking a broad approach to compliance. A vulnerability-targeting strategy not only protects data more effectively but also helps companies save money by ensuring that the solutions they choose are necessary.

DLP solutions can help organisations comply with many PCI DSS requirements by:

  • Protecting stored cardholder data
  • Restricting access to cardholder data by business need
  • Tracking and monitoring access to network resources
  • Periodic security and systems testing

Summary

PCI DSS compliance is essential for any organisation working with financial institutions, banks and payment gateways. Data Loss Prevention tools can help Australian organisations meet these compliance requirements and ensure they are enhancing their cybersecurity posture.


 

4 Data Loss Prevention Strategies. Which one is right for your Organisation?


Data loss is a scary term for any organisation that is responsible for storing sensitive data, especially customer Personally Identifiable Information (PII). Losses or accidental leaks of PII can result in hefty fines, loss of reputation and, more importantly, loss of customer trust, and in some cases it could make or break an organisation. It is not just the loss of data that is the biggest danger, but rather the big three: data loss, misuse of data, and unauthorised access to data.

To ensure an organisation does not breach customer trust, and to protect its own internal security, it needs to focus on Data Loss Prevention (DLP). DLP tools are a key piece for anyone who needs to protect PII for compliance and regulatory reasons, needs to protect their own intellectual property, or just wants to gain better visibility of their sensitive data.

4 DLP Strategies from emt Distribution

 

4 Types of Data Loss Prevention

Endpoint DLP: Endpoint DLP discovers and monitors information that resides on the endpoint; this can include web browsers, removable storage, etc. This type of prevention ensures that the information residing on the endpoint cannot be exfiltrated or compromised if the device is lost or stolen, or even through a careless mistake. Once the endpoint has been analysed, protection controls can be put in place, such as local and remote file quarantining, file encryption, or sharing permissions added to the file.

 

Network DLP: Network DLP protects data in motion. This is accomplished by analysing outbound traffic on the corporate network and making informed decisions based on what is seen. If the correct tools are implemented, the information can be controlled by alerting security staff during a non-permitted upload or file transfer, whether to websites or as data sent in emails.

 

Storage DLP: By identifying what sensitive information is stored and where it is stored, Storage DLP ensures that organisations can discover and secure sensitive data at rest. This data can often be stored on file servers, cloud storage, endpoints, network file shares, SharePoint and other data repositories. Once the sensitive data is located, organisations can begin to identify and monitor who has access to the data and restrict access where necessary.

 

Cloud DLP: As organisations move to a cloud-centric model, more and more cloud-based applications are beginning to accumulate sensitive data. This information often resides in places like O365 Exchange, O365 OneDrive, Dropbox and other file shares. The right Cloud DLP tools inspect the content and web traffic and automatically enforce the policies developed by the organisation to protect the sensitive data.

 

Summary

When it comes to Data Loss Prevention, it’s important to pay heed to the security standards, protecting data at rest, data in motion and data in use. Without proper data security measures in place, organisations can leave themselves vulnerable to potential losses of sensitive data, which can result in hefty fines and loss of customer trust. When implementing any type of cybersecurity strategy, it’s important to remember that prevention is often the best way to further protect what is important.

 

To learn more about the Data Loss Prevention solutions at emt visit EndPoint Protector, OPSWAT, and VIPRE AV  

 

About the author: Alexander Duffy is the Chief Security Officer for emt Distribution. He is passionate about implementation of the ASD Essential Eight framework and its role in improving the security posture of organisations in ANZ.  For more security updates follow him on LinkedIn

 

EndPoint Protector overview


Protect your endpoints with the solution already being used with over 30 million devices, Endpoint Protector by CoSoSys. Endpoint Protector by CoSoSys allows you to choose what gets moved on your network and to which device, with a complete logging and reporting suite.

The feature-rich nature of Endpoint Protector (EPP) makes it a comprehensive solution for businesses, enterprise, critical infrastructure, utilities and governments requiring strong control of portable media/devices and the protection and transfer of sensitive data. Features include:

  • Content Aware DLP that helps ensure data transferred through various exit points, like email and cloud file transfer solutions, doesn’t contain confidential information
  • Device Control of removable devices on Windows, OS X and Linux platforms: assigning device rights, custom classes, file tracing and shadowing, device blocklists and whitelists, and alerting
  • eDiscovery gives visibility into sensitive data at rest and allows you to apply remediation actions, helping prevent data leaks
  • Mobile Device Management adds protection and control to mobile devices, such as geofencing, tracking and logging, and mobile application management

The administration console is intuitive, easy to navigate and quick to pick up for configuration. Implementing DLP policies is a straightforward process, yet the policies are incredibly powerful and flexible.

Speak to us today about looking through this fantastic data loss prevention solution!