Global information security and risk management company NTT Com Security (formerly Integralis) has found that 41 percent of U.S. businesses are aware of PCI DSS 3.0 but have no plans in place, while 70 percent are still unaware of the looming deadline for PCI DSS 3.0 compliance. Is your business compliant? For more information, go to our PCI Compliance Resource Center at http://bit.ly/1n8oOCx.
© 2014 NTT Com Security 7/30/14 Public-Approved-v05 1
PCI DSS 3.0 compliance deadlines are impending, with 3.0 becoming mandatory in 2015. If you’re not sure about the exact date, check with a Qualified Security Assessor (QSA) to ensure your brand is taking the steps to meet important deadlines.
The consequences for failing to comply with PCI DSS standards are huge and could include loss of brand trust and legal action.
The 77 percent who believe they are PCI-DSS compliant should be conducting annual assessments to ensure that they are actually compliant.
PCI DSS standards are incredibly complex and require IT security expertise to ensure compliance. While most organizations think they are compliant, they are not validating compliance annually as required. To ensure compliance, connect with a Qualified Security Assessor (QSA).
Is PCI DSS 3.0 compliance part of your overall security strategy? If not, you risk wasting time and money rushing to become compliant by the January 2015 deadline.
Look at your brand’s compliance and make sure you’re not undermining your brand’s reputation.
You May Think You Are PCI DSS 3.0 Compliant, But Have You Considered:
1. Retail merchants: Are you periodically inspecting physical devices that capture card data to limit the possibility of tampering?
2. If you have service providers on your Cardholder Data Environment networks, are you tracking their PCI compliance status?
3. Are you completing and submitting annual self-assessments or QSA assessments (as appropriate)?
It can be a challenge to get your arms around PCI DSS compliance. You can look to your expert IT security provider to walk you through the requirements and steps you need to take to protect data – and your brand’s reputation.
Be ready to show your customers that you take protecting their sensitive data seriously. You should know when your last assessment was conducted and the outcomes of that assessment.
With deadlines impending, we’ve brought together the resources you need to assess your readiness and take the next steps toward becoming compliant or maintaining PCI Compliance. Visit http://bit.ly/1n8oOCx for more information.
@NTTComSec_US