The Green Sheet Online Edition
November 12, 2007 • Issue 07:11:01
New prescription for the PCI pain?
The phrase "PCI compliance" strikes fear in everyone from independent agents to powerful retail business executives. But the endgame of the Payment Card Industry (PCI) Data Security Standard (DSS) - to protect consumer data from theft - keeps payments professionals forging ahead toward safe and secure networks.
Enter Voyence, a developer of automated configuration management software, with the VoyenceControl PCI Advisor to help ensure network devices meet the PCI DSS specs.
PCI Advisor maps and configures data directly into embedded PCI DSS mandates to reinforce network devices compliance. It also eases system audits with in-depth analysis detailing how network devices adhere to each PCI DSS requirement.
It offers a vendor-neutral solution to managing network infrastructure, including firewalls. And all critical network configuration data is stored safely in a central repository.
PCI Advisor manages all routers, switches and firewalls that don't run antivirus software but that do require security patch updates provided by Voyence. And it helps in the quick identification of network devices that are running compromised operating systems.
Through the Advisor, all network configuration data is sent encrypted via secure sockets layer (SSL) or secure shell (SSH). Templates, design wizards and compliance standards are deployed to guarantee all network device configurations meet security requirements.
PCI Advisor's role-based user authentication restricts device access and sensitive configuration data to a need-to-know basis. It tracks and stores all user activity. It also tracks and stores device changes even when they are made directly to the devices.
The PCI Advisor is the first product available in Voyence's Compliance Advisory Series that helps address fundamental questions underlying a business's card transaction network, starting with: Is the system PCI compliant? If not, the Advisor guides users in addressing other questions critical to a system's PCI health and well-being, including:
- What progress is being made toward compliance, and how long will that process take?
- What actions are left to complete, and what are the primary issues that must be tackled?
- What changes are taking place in the network, and do they conform to PCI DSS?
The Advisor also features check boxes and time stamps, in-depth dashboard views and PCI auditor-relevant reports.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.