2024HPE Nonstop NewsSummer 2024 Accelerating the Journey to PCI DSS 4.0 Compliance with ACI Worldwide by comforte May 15, 2024 written by comforte Regulatory compliance is a fact of life for any business. And for those that accept, process, store or transmit credit card information, that means ensuring they meet the exacting requirements of PCI DSS. The card industry data security standard is two decades old this year, and its latest iteration promises a step change in how organizations are required to manage and secure their cardholder data environments (CDEs). Non-compliance is not an option. However, the process itself can be extremely time-consuming and expensive for many organizations. Fortunately, a new partnership between comforte and payments software giant ACI Worldwide should help to streamline the journey. Continuous compliance PCI DSS 4.0 has been billed as the biggest update to the standard since it was launched back in 2004. It features a string of changes to underlying requirements, intended to ensure the standard keeps pace with the rapid pace of technological change and threat actor innovation. These include a demand that organizations go beyond disk-level encryption to ensure all data residing in applications is also protected. More generally, there’s a desire among industry body the PCI Security Standards Council (PCI SSC) to: Allow greater flexibility in the technologies organizations can use to achieve compliance Promote continuous security, rather than treating compliance/security as a tick-box endeavour Enhance validation methods and procedures How will ACI Worldwide customers benefit? There’s plenty to take on board before the April 1, 2025 deadline for compliance. But one recent announcement will help compliance efforts. Customers using ACI Worldwide payment software in their CDE can now take advantage of leading data protection technology from comforte, which works seamlessly with the firm’s products. Specifically, thanks to a new partnership, ACI Worldwide now recommends comforte for its ACI Banking (i.e., Issuing and Acquiring) products in order to meet the data-at-rest requirement of PCI DSS 4.0. Those products are as follows: BASE24: comforte SecurDPS BASE24-eps: comforte SecurDPS, comforte SecurDPS Enterprise ICE-XS: comforte SecurDPS Enterprise ACI Acquirer/ACI Interchange/ACI Issuer: comforte SecurDPS Enterprise (Virtual File System component only – required for file exchange protection) UPF: comforte SecurDPS Enterprise XPNET: comforte SecurDPS The comforte products support PCI DSS 4.0 compliance by protecting what matters most: cardholder data. They offer several benefits: Automatic and continuous discovery and classification of data, wherever it resides in the organization. Multiple protection mechanisms including classic encryption, masking, tokenization and format-preserving encryption (FPE). Tokenization can help organizations use data for business value creation via analytics without exposing it to the risk of data theft. Advanced integration without the need to change underlying applications. Flexible deployment on-premises, in the cloud, or a hybrid combination of the two. Futureproofing against changes in the IT environment/CDE thanks to a flexible, elastic and self-healing architecture that is designed to adapt and adjust to future requirements. Enhanced security with integration into identity and access management (IAM) tooling, and built-in audit and analysis functionality. Getting started ACI says its products will work with comforte’s with minimal effort. ACI recommends customers establish a vendor agreement directly with comforte and plan a roadmap aligning to the March 31 2025 PCI DSS 4.0 compliance deadline. Once they’ve done that, it’s encouraging customers to reach out to their ACI Account Owner and the firm’s professional services team, which will help with work on deployment. There’s about a year to go before PCI DSS 4.0 becomes a reality. By using comforte to secure data at rest, organizations can take a massive stride towards compliance today. Learn how to discover, classify, and protect all sensitive data. Click the button below to download the solution brief for our Data Security Platform: May 15, 2024 0 comment 0 FacebookTwitterPinterestEmail
2024HPE Nonstop NewsMarch 2024Uncategorized Cybersecurity in the Boardroom: A Strategic Driver for Growth by comforte March 13, 2024 by comforte March 13, 2024 Cybersecurity has struggled for many years to make it onto the boardroom agenda. The perception of it as a purely technology function with limited strategic importance has led many organizations to take a short-term, check-box approach to managing cyber risk. This grossly undervalues the role cyber can and should … 0 FacebookTwitterPinterestEmail
2024HPE Nonstop News What Happens Next? Five Data Protection Predictions for 2024 by comforte February 29, 2024 by comforte February 29, 2024 It’s been another year full of incidents. But 2024 has plenty in store for IT and business leaders. As organizations continue to adapt to economic, political and business uncertainty, the value of effective data protection will never be so obvious. Regulatory and technological change promises to make it another … 0 FacebookTwitterPinterestEmail