Commerce, Featuring News, Press Releases, IT Directory & Links
Stonesoft Helps Organisations Meet Requirements Set By The New PCI Data Security Standard
Published 8th May 2008
StoneGate Firewall and IPS protect sensitive data and enhance PCI compliance processes...
Reading, UK – 6 May 2008 – Stonesoft, an innovative provider of integrated network security and business continuity solutions, helps organisations meet PCI (Payment Card Industry) compliance requirements. The new Data Security Standard requires that after June 30, 2008 all web-facing applications must be protected against known attacks. The StoneGate Firewall and IPS provide an easy and cost-efficient solution for comprehensive protection and PCI compliance reporting.
Security breaches cause credit card companies massive revenue losses annually. The majority of credit card data thefts occur while merchants are handling, processing, transmitting or storing cardholder information. To prevent further secure breaches, the major credit card companies compel merchants to become compliant with the PCI security standard. Without compliance, a merchant risks fines and remediation costs, not to mention potential customer lawsuits and the damages to company reputation and brand. In severe cases, the merchant can be prevented from accepting credit cards.
The PCI Data Security Standard (PCI DSS) sets the level for merchants who process and transmit payment card data. After June 30, the standard requires that all web-facing applications must be protected against known attacks by either having all custom application code reviewed for common vulnerabilities by an organisation that specialises in application security, or installing an application layer firewall in front of web-facing applications to detect and prevent web-based attacks.
The standard requires both firewall and IPS protection. Designed for enterprise users, StoneGate Firewalls and IPS are ideally suited for this purpose. They contain full application layer inspection for web applications, are able to stop attacks before these reach the web application, and offer excellent unified reporting and audit trail capabilities. In addition, the products use dynamic updates to keep the prevention up-to-date, and work seamlessly together under the same unified management.
“Achieving compliance with PCI Data Security Standards is quite a struggle for most organisations. This new requirement to protect all web-facing applications against known attacks is exactly what our firewall and IPS solutions have been doing for years already”, said Klaus Majewski, product marketing manager at Stonesoft.
“StoneGate solutions have been designed to enable organisations to become compliant, and our customers can rely on our expertise and help during the process. Deploying StoneGate Firewall is the easiest and most cost-efficient solution to make sure the organisation complies with the PCI DSS,” Majewski continues. “Organisations can count on the StoneGate Secure Connectivity Solution to protect sensitive data, audit access to cardholder information and enhance PCI compliance processes.”
The PCI Security Standards Council is a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (DSS), PCI PIN Entry Device (PED) Security Requirements and the Payment Application Data Security Standard (PA-DSS). The Council was originally developed by Visa and MasterCard, and since September 2006 American Express, Discover and JCB have also been members.