Solutions for Business Needs PCI-DSS Compliance
Save your business and customers from identity theft and credit card fraud.
Businesses and their customers have more to gain from technology today than ever before. And also, more to lose. With headlines about massive cases of identity theft and credit card fraud becoming commonplace, the Payment Card Industry Council (PCI) created the Data Security Standard (DSS) to help secure the transmission, storage and processing of sensitive payment cardholder data. Failure to comply with PCI-DSS can result in fines, security breaches, bad publicity and a loss of business.
Who do PCI-DSS requirements apply to?
PCI DSS currently applies not just to retailers, but to any business that accepts a single payment card transaction—from government agencies, hospitals and schools, to professionals who offer credit card payments, business-to-business companies and nonprofits. It applies to transactions with credit cards, debit cards, online transactions and “chip and PIN” (or smart) cards.
How are PCI-DSS requirements enforced?
The major credit card brands enforce PCI requirements for merchants and service providers. Each brand provides compliance guidelines, deadlines, definitions and penalties for noncompliance.
What you don’t know can cost your business.
Many businesses do not know how many of their systems store credit card holder data, whether they can retain cardholder data after a transaction, or whether their current equipment can handle PCI mandates. Many are also unaware of looming PCI deadlines or how much PCI compliance will cost. And unfortunately, having sound security doesn’t necessarily mean your business is PCI-compliant. Fortunately, becoming PCI-compliant is a key first step to baseline security practices.
PCI-DSS Compliance Requirements
Unified Threat Management is simpler and cost-effective.
In the past, retailers have had to settle for esoteric security solutions targeting single-point threats like viruses, spam and intrusions as they arose, often adding complexity and expense without corresponding value.
Today, security technology has evolved, and retailers demand simpler, well-engineered and cost-effective solutions. Unified Threat Management (UTM) firewall technology combines multiple security features into a single platform that can be easier and more cost effective to deploy and manage.
While malicious attacks can penetrate stateful packet inspection firewalls, early attempts at deep packet inspection with UTM often resulted in significant performance reduction. Advanced UTM and Next-Generation firewall solutions, such as those recently engineered by Dell SonicWALL, apply patented innovative technology to break through these earlier restrictions.
Clean VPN for security beyond the perimeter.
With the evolution of ecommerce, traditional retail boundaries are disappearing and the store is no longer limited to any specific physical location. Retail boundaries are blurring, with outside partners, vendors and consultants playing an increasingly vital role in daily operations, often collaborating in cross-functional teams requiring secure access to inside application resources from outside devices, traversing internal and external firewalls. While increased access has increased productivity, it has also increased the number of access points, devices and network environments that are outside of the enterprise’s direct control. This makes it more important than ever to monitor and secure both the traffic flowing through the network perimeter and the endpoints beyond the perimeter.
A clean VPN approach integrates a layer of intelligent remote access technology such as a Secure Sockets Layer virtual private network (SSL VPN) to secure users and devices beyond the perimeter, with a layer of intelligent firewall technology such as Unified Threat Management to secure data traffic penetrating the perimeter. To be practically effective, an integrated clean VPN should be able to comprehensively detect the integrity of all endpoints, users and data traffic; protect resources against unauthorized access and malware attacks; and connect authorized users easily to mission-critical resources in real time.
The PCI Standard
Get answers to the tough questions.
When evaluating security solutions to help your business satisfy PCI criteria, consider the following questions:
- Does the PCI solution you’re evaluating offer real-time threat and data protection? Does it offer gateway anti-virus, anti-spyware, intrusion prevention, anti-spam and content filtering?
- Can it detect Rogue Access Points (RAP) connected to the network?
- Can the PCI solution help maintain consistent policy control across your protected cardholder data environment? Is there a single dashboard to ensure unified policy control?
- Does it offer redundancy, load balancing and centralized security enforcement to ease administration?
- Will it mitigate your exposure to web-facing vulnerabilities?
- Will it limit scope and protect cardholder data in transit?
- Does it offer application intelligence and control to throttle unauthorized merchant activity on the network and more efficiently manage bandwidth?
- Can it address other compliance initiatives such as Sarbanes-Oxley (SOX), Gramm-Leach-Bliley Act (GLBA), and the Health Insurance Portability and Accountability Act (HIPAA)?
- Is the PCI solution backed and approved by an independent PCI Qualified Security Assessor (QSA)?
Exceed PCI requirements with Dell SonicWALL solutions.
Dell SonicWALL PCI solutions address many PCI requirements—and even go beyond them, with innovative technologies such as application intelligence and control and patented Reassembly-Free Deep Packet Inspection™ (RFDPI) technology. Backed and approved by an independent PCI Qualified Security Assessor, security configurations using Dell SonicWALL® Next-Generation and Unified Threat Management (UTM) Firewalls and Dell SonicWALL Global Management System (GMS) provide a solid foundation for PCI compliance and passing PCI audits.
Providing comprehensive best practices for securing sensitive information, Dell SonicWALL PCI solutions can strengthen your company’s overall security posture and help satisfy PCI requirements efficiently and cost effectively.
Next Steps
Upgrading to the latest Dell SonicWALL firewall technology and features can help your business boost security plus comply with the latest PCI mandates. By relentlessly innovating to drive the costs and complexity out of building and running high performance secure infrastructure, Dell SonicWALL offers organizations exceptional value in:
Affordable acquisition.
By standardizing to commercially available hardware, maximizing supply chain efficiencies and leveraging Dell SonicWALL’s leading-edge software development across the entire product line, organizations of all sizes can drive down costs of high-performance network security.
Ease-of-deployment.
Dell SonicWALL delivers elegant, simplified solutions that are fast and easy to set up, even in the most demanding network infrastructures.
Streamlined management and operations.
By providing globally-managed, centrally-administered products and dynamic security services that deliver real-time threat and data protection, Dell SonicWALL streamlines security, freeing resources to increase productivity and profitability.
White Papers
- Retail: Securing the Competitive Edge with Technology
  To secure a competitive edge, retailers must take a comprehensive approach to protecting their technology from increasingly sophisticated threats.
  26 Jun 2008 / PDF: 0.050 MB / WP-56
Business Solutions
- Secure Technology Solutions for Retailers
  While new technologies such as broadband, VoIP or wireless can open your network resources to prospects, customers, partners, vendors and staff, they also create new channels for malicious or inadvertent threats.
  14 Mar 2011 / PDF: 3.390 MB / SB-34
- Dell SonicWALL PCI Compliance
  The Payment Card Industry (PCI) Data Security Standard (DSS) applies to any organization that processes, transmits or stores payment card transactions or cardholder information.
  18 Nov 2009 / PDF: 2.380 MB / SB-71
Implementation Guides
- PCI 1.1 Self-Assessment Questionnaire
  The questionnaire is divided into six sections, each focused on a specific area of security, based on the requirements included in the Payment Card Industry Data Security Standard (PCI DSS 1.1).
  20 Sep 2011 / PDF: 0.1 MB
- Dell SonicWALL PCI Implementation Guide for GMS
  Outlines the PCI Data Security Standard 1.1 controls that are applicable to Dell SonicWALL Global Management Server (GMS).
  08 Oct 2011 / PDF: 1.461 MB
- Dell SonicWALL PCI Implementation Guide for SonicOS Enhanced
  Outlines the PCI Data Security Standard 1.1 controls that are applicable to Dell SonicWALL SonicOS Enhanced edition.
  08 Jul 2010 / PDF: 2.196 MB
- Dell SonicWALL PCI Implementation Guide for SonicOS Standard
  Outlines the PCI Data Security Standard 1.1 controls that are applicable to Dell SonicWALL SonicOS Standard edition.
  08 Jul 2010 / PDF: 1.4125 MB
Webinars
- Making Wireless Work for PCI and Corporate Compliance
  Learn how you can deliver content-specific access for guests (CFS) and employees, ensuring corporate compliance and protecting yourself from complaints and potential legal action.
  20 Jul 2011 / ODW-52
- Navigating Your Way Through PCI Compliance
  Join this event to learn the best strategies for PCI compliance. We look at a series of case studies that show how organizations like yours have taken on PCI and succeeded - without breaking the budget!
  25 Mar 2010 / ODW-36
- How to Ace PCI Compliance
  Attend this 30-minute webcast to learn how you can achieve PCI compliance. Learn how to avoid the surprises and pitfalls of compliance projects and how to implement a system that provides security and compliance that is manageable and cost effective.
  11 Feb 2010 / ODW-41
- Information Security for Retail in the New Economy
  In such uncertain economic times and with the holiday retail season rapidly approaching, it is more important than ever to take a hard look at your information security infrastructure.
  09 Dec 2008
Case Study
- Things Remembered
  Things Remembered is the largest retailer of personalized gifts in the US, with over 5,000 employees and 615 stores.
  30 Apr 2012 / PDF: 0.88 MB / CS-273
- Lettuce Entertain You Enterprises
  Lettuce Entertain You Enterprises, Inc. operates approximately 85 restaurants across the U.S., including R.J. Grunt's® in Chicago, the Eiffel Tower® Restaurant in Las Vegas and Wildfire® Restaurant locations in Washington D.C.
  22 May 2012 / PDF: 0.890 MB / CS-276
Satisfied Dell SonicWALL Customers
BRAVO | BRIO Restaurant Group, Inc.
How can you help your customers stay on top of work plus ensure PCI compliance? The owners of BRAVO! Cucina Italiana and BRIO Tuscan Grille restaurants solved both with a Dell SonicWALL Clean Wireless™ solution.
BGMX Retail Solutions
In order to ensure they had the bandwidth to meet PCI compliance standards plus adhere to strict internal security guidelines, BGMX moved up to a Dell SonicWALL Network Security firewall.
Dolphin Fast Food - Burger King Franchise
By adding a Dell SonicWALL TZ Series Wireless device to each store, Dolphin Fast Food was able to meet PCI requirements, address Burger King corporate policy and enhance wireless setup for customers.




