pci dss


With so many high profile security breaches of large retailers in the news recently, a hot topic everywhere is around PCI DSS, the Payment Card Industry Data Security Standards. We recently spoke with Nirav Shah, Fortinet’s Director of Product Marketing – Enterprise Security, for his take on PCI DSS requirements, and how the FortiGate family of security products can help retailers secure their stores and meet these standards. A Q&A with Nirav Shah What is PCI DSS, and what do organizations need to do to comply with these requirements? PCI... [Read More]
by RSS John Welton  |  Oct 10, 2016  |  Filed in: Industry Trends & News
For retailers with many geographically dispersed shops or stores, having secure network connectivity and linking all sites to the head office has become the glue of critical operating processes, such as the Point of Sale (PoS), accounting, inventory control, pricing, customer relationship management applications, and other business services. The in-store store network is vital, yet invisible, to staff and shoppers alike – until it stops working. But when the network goes down, transactions halt, customers go elsewhere, and cash registers stop... [Read More]
by RSS Fortinet Australia  |  Sep 08, 2016  |  Filed in: Industry Trends & News
You've invested in firewalls and your servers are patched. Clients are running updated anti-malware software and spam and phishing filters are turned up to 11 on your mail servers. Flash? Not running it. Role-based security measures? Implemented three years ago...of course. And BYOD? Only with approved AV and signed acceptable use and access policies. Your IT staff actually sleeps at night because you don't just have a security plan - You actually follow it. Unfortunately, the reality for most organizations is a bit different. Smaller... [Read More]
by RSS Chris Dawson  |  Aug 26, 2015  |  Filed in: Industry Trends & News
Federal and State laws, as well as industry regulations, are major drivers in the security industry, and none are probably more far-reaching and controversial than the Payment Card Industry Data Security Standard (PCI DSS). Here, Fortinet provides an overview of PCI DSS and what you need to know about this regulation. It's not a law. Unlike data security laws that are created by legislators, PCI DSS is a worldwide regulation crafted by the PCI Security Standards Council, which is an open, global forum founded by: American Express, Discover, JCB... [Read More]
by RSS UnAttributed  |  Jan 15, 2014  |  Filed in: Security 101
Today we published new research that shows where SMB retailers stand in regards to compliance regulations, security policies and new technologies that help manage big data and security infrastructure. Based on findings from an independent U.S.-based survey of 100 SMB retail organizations with less than 1,000 employees, the survey revealed that a majority of retailers are aware of an increasingly complex threat and regulatory environment and are applying best security practices and compliance policies to keep safe. However, more than one in five... [Read More]
by RSS Michael Perna  |  Jan 13, 2014  |  Filed in: Industry Trends & News
One of the WORST riddles I can recall from my youth is, \"When is a door not a door? When it's ajar.\" A riddle that's also a pun?!... Seriously, who comes up with this? But, I digress... One thing that is not a laughing matter is maintaining PCI DSS wireless compliance. And, did you know that in today's distributed retail enterprise, sometimes a rogue AP is not a rogue AP. No, really. Ask yourself, \"When is a rogue AP not a rogue AP? When it's outside the CDE!\" (Now, doesn't that just make you smile?) Kidding aside... Let's look at the... [Read More]
by RSS UnAttributed  |  Jul 30, 2012  |  Filed in: Industry Trends & News
Personally identifiable information — the words are tossed around constantly in the news, by security folk and, with increasing frequency, by any organization forced to disclose a data breach. When used in the latter context, personally identifiable information (PII)— data that could be used for identity theft purposes— had somehow been exposed or had gotten into the hands of cybercriminals. But what does the term mean exactly? What are the implications of its loss these days? And how can it be protected? At its root, PII simply means... [Read More]
by RSS Stefanie Hoffman  |  Jun 27, 2012  |  Filed in: Industry Trends & News
Is there an upside to Payment Card Industry (PCI) compliance? In an interview with Kim Nguyen, Jason Wright, CISSP, reviews several security solutions that can help organizations achieve compliance. He also reveals an upside for those who may be frustrated by these industry mandates. [display_podcast] (Click the picture to watch the video) [Read More]
by RSS Rick Popko  |  Sep 09, 2009  |  Filed in: Security Research