PCI Compliance Paper

PCI compliance was first introduced in 1999 by Visa, Inc., in the form of the Cardholder Information Security Program (CISP). CISP was developed as Visa’s way to fight rampant cybercrime, which left credit card companies responsible for fraudulent purchases (Search Security Staff, 2013). However, companies accepting credit transactions did not adopt the standards provided by CISP because they were quite different from the standards presented by other card companies like Discover, MasterCard, and American Express. In December 2004, the five major credit card lenders joined together to create a uniform set of standards called the Payment Card Industry Data Security Standard (PCI DSS) (3Delta Staff, 2014). Merchants now had no choice but to follow the standards as failure to do so could result in financial loss and …
To decrease the risk that data might become compromised and to lessen the effects in the event of a security breach, it is paramount that all companies transmitting, processing and storing cardholder data maintain compliance.
In 2006, the PCI Security Standards Council (PCI SSC) began as an open global forum that was responsible for the “development, management, education and awareness of the PCI Security Standards and requirements” (PCI Security Standards Council, LLC, 2014). These standards include the Data Security Standard (PCI DSS), the Payment Application Data Security Standard (PA-DSS), and the PIN Transaction Security requirements (PTS) (PCI Security Standards Council, LLC, 2014).
In order for companies to maintain compliance with PCI DSS, the PCI SSC established The Prioritized Approach to assist organizations in identifying areas of concern and reducing risk. As part of this approach, six goals were determined to be critical milestones that can be regarded as a roadmap for ensuring protection against security
