© 2014 NTT Com Security 7/30/14 PublicApprovedv05 1

Is Your Business PCI DSS 3.0 Compliant?

DESCRIPTION

Global information security and risk management company NTT Com Security (formerly Integralis) has found that 41 percent of U.S. businesses are aware of PCI DSS 3.0 but have no plans in place, while 70 percent are still unaware of the looming deadline for PCI DSS 3.0 compliance. Is your business compliant? For more information, go to our PCI Compliance Resource Center at http://bit.ly/1n8oOCx.

PCI DSS 3.0 Compliance deadlines are impending with 3.0 becoming mandatory in 2015. If you’re not sure about the exact date, check with a Qualified Security Assessor (QSA) to ensure your brand is taking the steps to meet important deadlines.

The consequences for failing to comply with PCI DSS standards are huge and could include loss of brand trust and legal action.

The 77 percent who believe they are PCI-DSS compliant should be conducting annual assessments to ensure that they are actually compliant.

PCI DSS standards are incredibly complex and require IT security expertise to ensure compliance. While most organizations think they are compliant, they are not validating compliance annually as required. To ensure compliance, connect with a Qualified Security Assessor (QSA).

Is PCI DSS 3.0 compliance part of your overall security strategy? If not, you risk wasting time and money rushing to become compliant by the January 2015 deadline.

Look at your brand’s compliance and make sure you’re not undermining your brand’s reputation.

You May Think You Are PCI DSS 3.0 Compliant, But Have You Considered:

1.  Retail merchants: Are you periodically inspecting physical devices that capture card data to limit the possibility of tampering?

2.  If you have service providers on your Cardholder Data Environment networks, are you tracking their PCI compliance status?

3.  Are you completing and submitting annual self-assessments or QSA assessments (as appropriate)?

It can be a challenge to get your arms around PCI DSS compliance. You can look to your expert IT security provider to walk you through the requirements and steps you need to take to protect data – and your brand’s reputation.

Be ready to show your customers that you take protecting their sensitive data seriously. You should know when your last assessment was conducted and the outcomes of that assessment.

With deadlines impending, we’ve brought together the resources you need to assess your readiness and take the next steps toward becoming compliant or maintaining PCI Compliance. Visit http://bit.ly/1n8oOCx for more information.

@NTTComSec_US