Data Discovery and PCI DSS
By Kishor Vaswani, CEO - ControlCase
Agenda
• About Data Discovery
• PCI DSS Requirements and the need for Data Discovery in the context of PCI DSS
• Challenges in the Data Discovery space
• Q&A
1
About Data Discovery
Current Technology Environment
• Servers – Windows, Unix etc.
• Databases – SQL Server, Oracle etc.
• Email
• File systems
2
What is Data Discovery
• Ability to identify and pinpoint sensitive data across
› File Shares
› Servers
› Databases
› Email
› Log files
› Etc.
3
Why is it important
• GRC focuses on confidentiality, integrity and availability
• Confidentiality is always focused on “Data”
• Data that is sensitive must be protected; however, the first step is to know where that data resides
• Hence, it is important to identify where sensitive data resides
4
PCI DSS Requirements and Data Discovery
What is PCI DSS?
Payment Card Industry Data Security Standard:
• Guidelines for securely processing, storing, or transmitting payment card account data
• Established by leading payment card issuers
• Maintained by the PCI Security Standards Council (PCI SSC)
5
PCI DSS Requirements
Control Objectives and their Requirements:
• Build and maintain a secure network
› 1. Install and maintain a firewall configuration to protect cardholder data
› 2. Do not use vendor-supplied defaults for system passwords and other security parameters
• Protect cardholder data
› 3. Protect stored cardholder data
› 4. Encrypt transmission of cardholder data across open, public networks
• Maintain a vulnerability management program
› 5. Use and regularly update anti-virus software on all systems commonly affected by malware
› 6. Develop and maintain secure systems and applications
• Implement strong access control measures
› 7. Restrict access to cardholder data by business need-to-know
› 8. Assign a unique ID to each person with computer access
› 9. Restrict physical access to cardholder data
• Regularly monitor and test networks
› 10. Track and monitor all access to network resources and cardholder data
› 11. Regularly test security systems and processes
• Maintain an information security policy
› 12. Maintain a policy that addresses information security
6
Protect Stored Cardholder Data
You must ensure stored data is encrypted and protected.
7
PCI Council Advisory…
• Importance of Updating Scope for PCI DSS Assessments
There have been a number of high-profile data compromises in the press recently. These reports serve as a daily reminder of the damage caused by compromises and of the need to keep business environments secure. Businesses evolve and change over time, and the scope of an entity's cardholder data environment must be reviewed and verified each time a PCI DSS assessment is undertaken. As has always been the case, many compromises are the result of businesses having data they weren't aware of. Please remember that scoping an assessment includes verifying that no cardholder data exists outside of the defined cardholder data environment. By ensuring the scope of an assessment is appropriate, the risk of data compromise is greatly reduced - a benefit to everyone involved.
8
Challenges in Data Discovery
Challenges
• Deployment and agents
› Can get expensive
› Technologically complicated
› Long deployment cycles
› Databases are a challenge
• False Positives
› Luhn’s formula narrows candidates down but is not foolproof
› Many schemes use Luhn’s formula to generate numbers
› Separators and delimiters change
9
Challenges
• Performance within production environments
› Database load
› Large number of records in databases
› Active directory scanning
› Emails storing cardholder data
• Tokenization
› Differentiation between tokens and real card numbers
• Exclusions
› Directories
› Files
› Extension types
› Tables/Columns
10
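The two Challenges slides above describe the false-positive and exclusion problems any card-data discovery scan runs into. The following is an added example, written for this page and not ControlCase's product code, of a minimal PAN discovery scanner that shows each problem on constructed input: the Luhn check alone accepting a non-card number, separators varying between files, a format-preserving token that passes Luhn, and directory/extension exclusions. The file paths, the `9900` token prefix, the exclusion lists and the sample lines are all constructed assumptions; the issuer-prefix table is deliberately partial (Visa, Mastercard, American Express only) and serves as a second filter, not a complete brand lookup.

```python
"""Toy cardholder-data (PAN) discovery scanner.

Added example, not ControlCase's product code. It walks a constructed,
in-memory set of "files" and shows the false-positive and exclusion problems
from the slides: Luhn narrows candidates but is not foolproof, separators
vary, format-preserving tokens look like PANs, and directories/extensions
must be excludable.
"""
import re
from dataclasses import dataclass
from pathlib import PurePosixPath

# 13-19 digits, optionally broken by single spaces or dashes (the separator
# problem from the slides); the lookarounds stop us matching inside longer runs.
CANDIDATE_RE = re.compile(r"(?<![\d-])(?:\d[ -]?){12,18}\d(?![\d-])")


@dataclass(frozen=True)
class ScanPolicy:
    """Exclusions a scanner must support. All values are constructed assumptions."""
    excluded_dirs: tuple = ("/srv/app/static",)
    excluded_extensions: tuple = (".js", ".png")
    token_prefixes: tuple = ("9900",)  # assumed token-vault format, not a real scheme


@dataclass(frozen=True)
class Finding:
    path: str
    masked_pan: str  # first six and last four only; never report the full PAN
    brand: str


def luhn_valid(digits: str) -> bool:
    """Luhn mod-10 check: double every second digit from the right."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def brand_of(digits: str):
    """Partial issuer-prefix table used as a second filter: a Luhn-valid number
    with no plausible prefix/length pairing is more likely an IMEI or an order
    number than a PAN. Only three brands are covered here on purpose."""
    n = len(digits)
    if digits[0] == "4" and n in (13, 16, 19):
        return "Visa"
    if n == 16 and (51 <= int(digits[:2]) <= 55 or 2221 <= int(digits[:4]) <= 2720):
        return "Mastercard"
    if n == 15 and digits[:2] in ("34", "37"):
        return "American Express"
    return None


def mask(digits: str) -> str:
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]


def classify(digits: str, policy: ScanPolicy) -> str:
    """Order matters: Luhn first (cheap), then token exclusion, then brand check."""
    if not luhn_valid(digits):
        return "luhn-fail"
    if digits.startswith(policy.token_prefixes):
        return "token"
    if brand_of(digits) is None:
        return "no-brand-match"
    return "pan"


def path_excluded(path: str, policy: ScanPolicy) -> bool:
    p = PurePosixPath(path)
    if p.suffix.lower() in policy.excluded_extensions:
        return True
    return any(str(p).startswith(d.rstrip("/") + "/") for d in policy.excluded_dirs)


def scan(files: dict, policy: ScanPolicy = ScanPolicy()):
    """Return (findings, dropped). `dropped` records the reason for every
    rejected candidate so that tuning (new token formats, new exclusions) is auditable."""
    findings, dropped = [], []
    for path, text in files.items():
        if path_excluded(path, policy):
            dropped.append((path, None, "path-excluded"))
            continue
        for m in CANDIDATE_RE.finditer(text):
            digits = re.sub(r"[ -]", "", m.group())
            verdict = classify(digits, policy)
            if verdict == "pan":
                findings.append(Finding(path, mask(digits), brand_of(digits)))
            else:
                dropped.append((path, mask(digits), verdict))
    return findings, dropped


# Constructed sample "files": 4111 1111 1111 1111 is a well-known test number,
# the 15-digit IMEI is Luhn-valid but not a card, the token is Luhn-valid by design.
SAMPLE_FILES = {
    "/srv/app/logs/checkout.log":
        "2014-03-02 12:00:01 order=10023 invoice=1234567890123456 pan=4111-1111-1111-1111 status=approved",
    "/srv/app/logs/device.log": "device imei 490154203237518 registered",
    "/srv/vault/tokens.csv": "cust_id,token\n55,9900123456789017",
    "/home/ops/backup/old_export.csv": "name,card\nJ Doe,4111 1111 1111 1111",
    "/srv/app/static/bundle.js": "var build = 4111111111111111;",
}

if __name__ == "__main__":
    found, rejected = scan(SAMPLE_FILES)
    for f in found:
        print(f"HIT  {f.path}: {f.masked_pan} ({f.brand})")
    for path, masked, why in rejected:
        print(f"SKIP {path}: {masked} [{why}]")
```

Run against the sample set, the scanner reports the two real hits (the log line and the forgotten backup export, which is exactly the "data they weren't aware of" the PCI Council advisory warns about), and records why each other candidate was dropped: the invoice number fails Luhn, the IMEI passes Luhn but matches no issuer prefix, the token is excluded by its configured prefix, and the JavaScript bundle is never opened because of the path exclusion. Keeping the drop reasons alongside the hits is what makes the false-positive rate tunable in a production environment rather than a guess.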
Features to look for – Agentless/Credential Based
11
Features to look for – Database Search Capability
12
Features to look for – Remediation support
13
Features to look for – Delimiter definition
14
Features to look for – Performance tuning
15
Features to look for – Token exclusion capability
16
Features to look for – File/Directory Exclusion
17
Why Choose ControlCase?
• Global Reach
› Serving more than 400 clients in 40 countries and rapidly growing
• Certified Resources
› PCI DSS Qualified Security Assessor (QSA)
› QSA for Point-to-Point Encryption (QSA P2PE)
› Certified ASV vendor
18
To Learn More About PCI Compliance or Data Discovery…
• Visit www.controlcase.com
• Call +1.703.483.6383 (US)
• Call +91.9820293399 (India)
• Kishor Vaswani (CEO) – kvaswani@controlcase.com
19
Demo of ControlCase Solution
Thank You for Your Time
Free News Report
 
Jill Tavelman: The Woman Who Shaped Lily Collins’ Success
Jill Tavelman: The Woman Who Shaped Lily Collins’ SuccessJill Tavelman: The Woman Who Shaped Lily Collins’ Success
Jill Tavelman: The Woman Who Shaped Lily Collins’ Success
Free News Report
 
Wembley Rematch in the Works: Daniel Dubois and Usyk Near Deal for July Battle
Wembley Rematch in the Works: Daniel Dubois and Usyk Near Deal for July BattleWembley Rematch in the Works: Daniel Dubois and Usyk Near Deal for July Battle
Wembley Rematch in the Works: Daniel Dubois and Usyk Near Deal for July Battle
Free News Report
 
Elon Trump Dynamics: Twitter Reinstatements Spark Political Tech Storm
Elon Trump Dynamics: Twitter Reinstatements Spark Political Tech StormElon Trump Dynamics: Twitter Reinstatements Spark Political Tech Storm
Elon Trump Dynamics: Twitter Reinstatements Spark Political Tech Storm
Free News Report
 
How to spend £100 billion wisely Which areas of public investment should be p...
How to spend £100 billion wisely Which areas of public investment should be p...How to spend £100 billion wisely Which areas of public investment should be p...
How to spend £100 billion wisely Which areas of public investment should be p...
ResolutionFoundation
 
THE IMPERIOUS NEED FOR RESTRUCTURING THE UN AS A WORLD GOVERNMENT.pdf
THE IMPERIOUS NEED FOR RESTRUCTURING THE UN AS A WORLD GOVERNMENT.pdfTHE IMPERIOUS NEED FOR RESTRUCTURING THE UN AS A WORLD GOVERNMENT.pdf
THE IMPERIOUS NEED FOR RESTRUCTURING THE UN AS A WORLD GOVERNMENT.pdf
Faga1939
 
ACCERELATED-EXPORT-DEVELOPMENT-MEMBERS-1.pdf
ACCERELATED-EXPORT-DEVELOPMENT-MEMBERS-1.pdfACCERELATED-EXPORT-DEVELOPMENT-MEMBERS-1.pdf
ACCERELATED-EXPORT-DEVELOPMENT-MEMBERS-1.pdf
businessweekghana
 
Illegal Immigration: A Complex Global Issue
Illegal Immigration: A Complex Global IssueIllegal Immigration: A Complex Global Issue
Illegal Immigration: A Complex Global Issue
hassouniuniversitead
 
Mao_s-great-famine-_-the-history-of-China_s-most-devastating-Dikötter_-Frank_...
Mao_s-great-famine-_-the-history-of-China_s-most-devastating-Dikötter_-Frank_...Mao_s-great-famine-_-the-history-of-China_s-most-devastating-Dikötter_-Frank_...
Mao_s-great-famine-_-the-history-of-China_s-most-devastating-Dikötter_-Frank_...
BenyiBarrosRojas1
 

ControlCase Data Discovery and PCI DSS

1. Data Discovery and PCI DSS
By Kishor Vaswani, CEO - ControlCase

2. Agenda
• About Data Discovery
• PCI DSS Requirements and need for Data Discovery in the context of PCI DSS
• Challenges in the Data Discovery space
• Q&A

4. Current Technology Environment
• Servers – Windows, Unix etc.
• Databases – SQL Server, Oracle etc.
• Email
• File systems

5. What is Data Discovery
• Ability to identify and pinpoint sensitive data across
  › File Shares
  › Servers
  › Databases
  › Email
  › Log files
  › Etc.

6. Why is it important
• GRC focuses on confidentiality, integrity and availability
• Confidentiality is always focused on “Data”
• Data that is sensitive must be protected; however, the first step is to know where the data resides
• Hence, it is important to identify where sensitive data resides

7. PCI DSS Requirements and Data Discovery

8. What is PCI DSS?
Payment Card Industry Data Security Standard:
• Guidelines for securely processing, storing, or transmitting payment card account data
• Established by leading payment card issuers
• Maintained by the PCI Security Standards Council (PCI SSC)

9. PCI DSS Requirements (control objectives and their requirements)
Build and maintain a secure network
  1. Install and maintain a firewall configuration to protect cardholder data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters
Protect cardholder data
  3. Protect stored cardholder data
  4. Encrypt transmission of cardholder data across open, public networks
Maintain a vulnerability management program
  5. Use and regularly update anti-virus software on all systems commonly affected by malware
  6. Develop and maintain secure systems and applications
Implement strong access control measures
  7. Restrict access to cardholder data by business need-to-know
  8. Assign a unique ID to each person with computer access
  9. Restrict physical access to cardholder data
Regularly monitor and test networks
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes
Maintain an information security policy
  12. Maintain a policy that addresses information security

10. Protect Stored Cardholder Data
You must ensure stored data is encrypted and protected.

11. PCI Council Advisory…
• Importance of Updating Scope for PCI DSS Assessments
There have been a number of high profile data compromises in the press recently. These reports serve as a daily reminder of the damage caused by compromises and of the need to keep business environments secure. Businesses evolve and change over time, and the scope of an entity's cardholder data environment must be reviewed and verified each time a PCI DSS assessment is undertaken. As has always been the case, many compromises are the result of businesses having data they weren't aware of. Please remember that scoping an assessment includes verifying that no cardholder data exists outside of the defined cardholder data environment. By ensuring the scope of an assessment is appropriate, the risk of data compromise is greatly reduced - a benefit to everyone involved.

12. Challenges in Data Discovery

13. Challenges
• Deployment and agents
  › Can get expensive
  › Technologically complicated
  › Long deployment cycles
  › Databases are a challenge
• False Positives
  › Luhn’s formula narrows down but is not foolproof
  › Many schemes use Luhn’s formula to generate numbers
  › Separators and delimiters change

14. Challenges
• Performance within production environments
  › Database load
  › Large number of records in databases
  › Active Directory scanning
  › Emails storing cardholder data
• Tokenization
  › Differentiation between tokens and real card numbers
• Exclusions
  › Directories
  › Files
  › Extension types
  › Tables/Columns
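As an added example (not code from the ControlCase deck), a small Python scanner that shows the false-positive, delimiter and tokenization challenges above in practice: candidate numbers are extracted with a configurable delimiter set, filtered with the Luhn check, and compared against a token exclusion list, and only masked values are retained so the scanner itself does not become a new store of cardholder data. The log lines, the `sample.log` source name and the `TOKEN_VAULT` exclusion list are constructed for the example.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    source: str   # where the candidate was seen: file path, table.column, mailbox
    masked: str   # first six and last four digits only; the full PAN is never kept
    reason: str   # "pan", or why the candidate was discarded

def luhn_valid(digits: str) -> bool:
    """Mod-10 (Luhn) check: every second digit from the right is doubled."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def mask(digits: str) -> str:
    """Keep only the first six and last four digits of a candidate."""
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]

def scan(text: str, source: str, delimiters: str = " -", token_vault=frozenset()):
    """Return (hits, rejected). Candidates are 13-19 digits, optionally split by
    any character in `delimiters`; Luhn removes most noise, and the token vault
    removes format-preserving tokens, which are Luhn-valid by design."""
    sep = "[" + re.escape(delimiters) + "]?" if delimiters else ""
    pattern = re.compile(rf"(?<!\d)\d(?:{sep}\d){{12,18}}(?!\d)")
    hits, rejected = [], []
    for m in pattern.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if not luhn_valid(digits):
            rejected.append(Finding(source, mask(digits), "luhn-failed"))
        elif digits in token_vault:
            rejected.append(Finding(source, mask(digits), "token"))
        else:
            hits.append(Finding(source, mask(digits), "pan"))
    return hits, rejected

# Constructed sample log: a test PAN, an invoice number that merely looks like
# one, and a Luhn-valid token issued by a hypothetical tokenization service.
SAMPLE_LOG = """\
2024-05-01 order=20240501-0001 card=4111 1111 1111 1111 amount=12.50
ref 1234-5678-9012-3456 is an invoice number, not a card
vault token 4111-1111-1111-9999 returned by the tokenization service
"""
TOKEN_VAULT = frozenset({"4111111111119999"})   # constructed exclusion list
```

Running `scan(SAMPLE_LOG, "sample.log", delimiters="")`, i.e. looking only for contiguous digit runs, returns no hits at all on this sample, which is the delimiter-definition problem the slides describe.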
15. Features to look for – Agentless/Credential Based

16. Features to look for – Database Search Capability

17. Features to look for – Remediation support

18. Features to look for – Delimiter definition

19. Features to look for – Performance tuning

20. Features to look for – Token exclusion capability

21. Features to look for – File/Directory Exclusion

22. Why Choose ControlCase?
• Global Reach
  › Serving more than 400 clients in 40 countries and rapidly growing
• Certified Resources
  › PCI DSS Qualified Security Assessor (QSA)
  › QSA for Point-to-Point Encryption (QSA P2PE)
  › Certified ASV vendor

23. To Learn More About PCI Compliance or Data Discovery…
• Visit www.controlcase.com
• Call +1.703.483.6383 (US)
• Call +91.9820293399 (India)
• Kishor Vaswani (CEO) – [email protected]

25. Thank You for Your Time