PCI DSS remains one of the most influential data security compliance standards because of its wide applicability and its specificity. In this real training for free event we will discuss all 12 requirements of PCI DSS:
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open, public networks
- Use and regularly update anti-virus software or programs
- Develop and maintain secure systems and applications
- Restrict access to cardholder data by business need-to-know
- Assign a unique ID to each person with computer access
- Restrict physical access to cardholder data
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
- Maintain a policy that addresses information security for employees and contractors
But we will examine PCI in the context of a typical Windows/AD-dominant network. We will discuss your options for clearly identifying your cardholder data environment (CDE) using features of Windows and Active Directory.
After the initial work, the biggest job with PCI DSS is keeping up the ongoing processes of monitoring, change detection, testing and patching. I’ll provide practical tips on how to accomplish those tasks as efficiently as possible and how to get added value from the effort.
Our sponsor, SolarWinds, will briefly show you how their expanding security and compliance portfolio helps you demonstrate and maintain PCI compliance effectively and affordably.
Please join us for this real training for free session.