PCI Compliance Update

PCI Compliance Update. Presented by: Jeff Gassaway, Information Security Officer – CISSP; Lucas Walker, Information Security Analyst – GSEC. The Way We Were. FY 2012-2013: Improved oversight and direction. Improved compliance with PCI data security standards.

Presentation Transcript

PCI Compliance Update

Presented by:

Jeff Gassaway, Information Security Officer – CISSP

Lucas Walker, Information Security Analyst – GSEC

The Way We Were
  • FY 2012-2013
    • Improved oversight and direction
    • Improved compliance with PCI data security standards
    • Improved campus-wide security controls
What We Did to Improve
  • Brought CoalFire on site for departments with largest volume and highest risk PCI transactions.
  • Established PCI mailing list to facilitate communication
  • Brought PCI trainings to campus
  • Created PCI Working Group
  • Based on number of transactions per year
  • How credit cards are being taken
  • Essentially, risk to the consumer
How We Reduced Costs
  • Reduced reliance on CoalFire’s services
    • Shadowed CoalFire site visits and interviews
  • Assisted departments in utilizing CoalFire’s tools
    • Navis
    • LightHouse
  • PCI Working Group
    • Working to develop standard solutions to meet a variety of departmental needs
    • Provide guidance
    • Consistency
Where We Are
    • Reducing Scope and Complexity
    • Clarifying PCI terms
    • Bringing significant issues to PCI Working Group:
    • Developing approved enterprise solutions
    • Advising on business process changes
    • Researching and supporting common tools and technology
    • Reviewing and enhancing policies and procedures
  • Cost Reduction
Where We Must Go
  • Quarterly scans (internal and external) conducted
  • Robust change and patch management implemented
  • Everything in scope logged and reviewed daily
  • Consistent policies developed
  • Annual departmental policy review and trainings conducted
  • No cards stored
  • No non-compliance
Q&A