PCI Compliance Provides Data in Transit Security
A recent study reveals a disturbing new trend in cyber-theft.
/EINPresswire.com/ Alexandria, VA - The growing trend in cyber-theft is the targeting of electronic data-in-transit instead of stored electronic data. A recent study found that hackers stole data that was in transit in 66% of reported breaches using high tech data interception techniques and equipment. Only 26% of the time hackers went after stored data. In the remaining 8% the thieves sought both stored data and data in transit. Maintaining your PCI compliance greatly reduces the risk of your data being stolen if targeted by a criminal. Following the PCI DSS goals and strategies for protecting the integrity of your network allows for a continuously updating solution to the problem of data protection.
The following requirements pertain to protection of stored data and data in transit. 1.1 Requirement: all merchants must protect cardholder data by installing a firewall and routing system. Program the firewall and router standards to perform testing when configurations change, identify all connections to cardholder data, and review configuration rules every six months. 2.2 Requirement: It is required that all information is encrypted when transmitting the data across open public networks, such as the Internet, to prevent criminals from stealing the personal information during the process.
In the vast majority of data theft cases, criminals used a specially designed type of data collecting software known as "malware" to perform the task of intercepting data in transit and searching for stored data. PCI DSS 1.2 Requirement: Change all default passwords. Default passwords provided when first setting up software are discernible and can be easily discovered by hackers to access sensitive information.
PCI Compliance with PCI DSS Goal 5: Regularly Monitor and Test Networks; contains the following requirements:
5.1 Requirement: Keep system activity logs that trace all activity and review daily. The information stored in the logs is useful in the event of a security breach to trace employee activities and locate the source of the violation. Record entries reflect at a minimum: the user, event, date and time, success or failure signal, source of the affected data and the system component.
5.2 Requirement: Each quarter, use a wireless analyzer to check for wireless access points to prevent unauthorized access. Also, scan internal and external networks to identify any possible vulnerable areas in the system. Install software to recognize any modification by unauthorized personnel. Additionally, ensure that all IDS/IPS engines are up to date.
Be sure to adhere to these PCI compliance mandates for the protection of your business and your customers' sensitive personal information.
A small business can expect even a small scale data breach to cost $25,000 to $50,000 dollars in fines and legal fees. Those numbers should get your attention if you are a business owner that is not currently PCI compliant. PCI compliance is required. "PCI compliance protects your business in ways you didn't know you were vulnerable. Don't wait, find out if you are PCI compliant today, and if you are not, it is easy and free with PCI Free."
About:
Free PCI compliance solutions and resources for small business owners. Merchants and small business owners can find easy to understand guides, simplified compliance procedures along with PCI compliant merchant processing solutions.
PCI Free
571 438-6000
http://www.pcifree.com/
PR Courtesy of Online PR Media: http://bit.ly/irVUgz
/EINPresswire.com/ Alexandria, VA - The growing trend in cyber-theft is the targeting of electronic data-in-transit instead of stored electronic data. A recent study found that hackers stole data that was in transit in 66% of reported breaches using high tech data interception techniques and equipment. Only 26% of the time hackers went after stored data. In the remaining 8% the thieves sought both stored data and data in transit. Maintaining your PCI compliance greatly reduces the risk of your data being stolen if targeted by a criminal. Following the PCI DSS goals and strategies for protecting the integrity of your network allows for a continuously updating solution to the problem of data protection.
The following requirements pertain to protection of stored data and data in transit. 1.1 Requirement: all merchants must protect cardholder data by installing a firewall and routing system. Program the firewall and router standards to perform testing when configurations change, identify all connections to cardholder data, and review configuration rules every six months. 2.2 Requirement: It is required that all information is encrypted when transmitting the data across open public networks, such as the Internet, to prevent criminals from stealing the personal information during the process.
In the vast majority of data theft cases, criminals used a specially designed type of data collecting software known as "malware" to perform the task of intercepting data in transit and searching for stored data. PCI DSS 1.2 Requirement: Change all default passwords. Default passwords provided when first setting up software are discernible and can be easily discovered by hackers to access sensitive information.
PCI Compliance with PCI DSS Goal 5: Regularly Monitor and Test Networks; contains the following requirements:
5.1 Requirement: Keep system activity logs that trace all activity and review daily. The information stored in the logs is useful in the event of a security breach to trace employee activities and locate the source of the violation. Record entries reflect at a minimum: the user, event, date and time, success or failure signal, source of the affected data and the system component.
5.2 Requirement: Each quarter, use a wireless analyzer to check for wireless access points to prevent unauthorized access. Also, scan internal and external networks to identify any possible vulnerable areas in the system. Install software to recognize any modification by unauthorized personnel. Additionally, ensure that all IDS/IPS engines are up to date.
Be sure to adhere to these PCI compliance mandates for the protection of your business and your customers' sensitive personal information.
A small business can expect even a small scale data breach to cost $25,000 to $50,000 dollars in fines and legal fees. Those numbers should get your attention if you are a business owner that is not currently PCI compliant. PCI compliance is required. "PCI compliance protects your business in ways you didn't know you were vulnerable. Don't wait, find out if you are PCI compliant today, and if you are not, it is easy and free with PCI Free."
About:
Free PCI compliance solutions and resources for small business owners. Merchants and small business owners can find easy to understand guides, simplified compliance procedures along with PCI compliant merchant processing solutions.
PCI Free
571 438-6000
http://www.pcifree.com/
PR Courtesy of Online PR Media: http://bit.ly/irVUgz
Legal Disclaimer:
EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.