Compliance
Contact Us
- Visa PCI Compliance
- NERC Compliance
- HITECH Act Compliance
- HIPAA Compliance
- Sarbanes-Oxley Compliance
- Basel II Compliance
- GLBA Compliance
- ISO 17799 Compliance
- FFIEC Compliance
- CA SB 1386 Compliance
- DCID 6/3 Compliance
- DoD 8100.2 Compliance
- FISMA Compliance
- NISPOM Compliance
Contact Us
Home > Compliance > PCI Compliance
VISA Payment Card Industry (PCI) Compliance
What is VISA PCI DSS?
The Payment Card Industry (PCI) Data Security Standard (DSS), updated as of October 1, 2008 outlines best practices for credit card data that is stored, processed, or transmitted. All major credit card issuers, including VISA, MasterCard, American Express, Diners Club, and Discover, jointly developed PCI. It consolidates and supersedes the requirements of the previously developed VISA Cardholder Information Security Program (CISP) and the MasterCard Site Data Protection (SDP).
How do companies comply with the PCI DSS?
Encryption is a vital part of PCI compliance. Compliance with requirement 4 requires that a company "encrypt transmission of cardholder data and sensitive information across public networks." Companies should think of public networks as "any network they do not own or control," including shared or leased networks. Although service providers often refer to their networks as "secure private line" services, they are not really private nor are they secure. Leased line services simply separate the data of many other customers using one network, but there is no data security on these networks. Companies must encrypt cardholder data before sending it over third-party networks.
Companies must not only protect stored data at rest, but PCI compliance requires end-to-end encryption of wireless transmissions with cardholder data and other sensitive information. Whether it's for continuous data replication or electronic archival, data must be secured even when it travels to offsite storage and processing locations.
How does CipherOptics help?
When you need to encrypt your data in motion, CipherOptics makes it easy. Whether you need to protect a single link, or your entire network, we eliminate the complexity of encrypting today's networks.
Our solutions combine standards-based, wire-speed encryption appliances with CipherEngine, the only policy definition and key distribution technology designed for multi-node networks. Together, they give you the highest level of data protection at the lowest total cost. CipherEngine gives you the power to protect data in motion wherever, however and whenever you want, without changes or disruptions to your network, your infrastructure, or your operations.
To see just how easy it can be to comply with the PCI Data Security Standard, call 1-877-878-6655 or feel free to ask us a question.
Learn more about VISA PCI DSS
Learn More About:
Network Encryption
Ethernet Encryptors
IP Encryptors
CipherEngine Policy and Key Management
Helpful Resources
PCI Security Audit Procedures