Payment card industry data security standards

1 Payment card industry data security standards
Protecting your college via information technology security

2 What is PCI-DSS?
The Payment Card Industry Data Security Standard (PCI DSS) was developed to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally. PCI DSS provides a baseline of technical and operational requirements designed to protect account data. PCI DSS applies to all entities involved in payment card processing for American Express, Discover, JCB, MasterCard and Visa.

3 Why is PCI-DSS important?
The PCI-DSS standard is necessary to provide an active data security process that protects all cardholder data the college receives through its different channels: MOTO, e-commerce and in-person. This includes monitoring, detecting and protecting the data and following proper security guidelines. PCI-DSS applies to ANY organization, regardless of size or number of transactions, that accepts, transmits or stores any cardholder data. Adherence to PCI-DSS is a requirement of Washington State's contract for Merchant Bankcard Services with Bank of America Merchant Services (BAMS).

4 What role does IT play?
The IT department at the college has a significant role in PCI-DSS compliance, as IT is often responsible for the following areas:
- Build and Maintain a Secure Network (e.g. firewalls, web security)
- Protect Cardholder Data (e.g. encrypt transmission of data across networks)
- Maintain a Vulnerability Management Program (e.g. anti-virus checks)
- Implement Strong Access Control Measures (e.g. restrict access to cardholder data)
- Regularly Monitor and Test Networks (e.g. testing all networks)
- Maintain an Information Security Policy (e.g. contribute to personnel security policies)

5 What role does Business Finance play?
The Business Finance department at the college has a specific role in PCI-DSS compliance, as it is responsible for physical cardholder data and security:
- Protect Cardholder Data (e.g. protect and secure cardholder data)
- Implement Strong Access Control Measures (e.g. restrict public access to cardholder data)
- Maintain an Information Security Policy (e.g. contribute to personnel security policies)

6 How do you stay secure?
PCI-DSS also requires quarterly external vulnerability scans to ensure the safety of your internet-facing components and network. Vulnerability scans help identify weaker areas within the infrastructure and can provide valuable information that supports efficient patch management, helping to improve protection from data breaches at all levels. Approved Scan Vendors are listed at the PCI Security website.

7 What else do we need to know?
- PCI-DSS Self-Assessment Compliance is required annually
- PCI-DSS is a college-wide effort, and your college may have dedicated PCI-DSS staffing to help complete and comply with the SAQs
- A data breach can happen to anyone, and it's important to have secure measures in place to ensure no loss of customers, reputation or finances occurs within your institution
More information at

8 Reach out anytime!
Mandy Kaplan
Bankcard Services Coordinator, Office of the State Treasurer
360-902-8906
mandy.kaplan@tre.wa.gov

