PCI Boot Camp. Presented by the PCI Compliance Task Force. moderator:. Jeremy Rock President ● RockIT Group. Agenda. PCI Overview Removing Card Data From Your Hotel Best Practices Questions & Answers. PCI Overview. Presenters:. Mark Haley, CHTP
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Presented by the PCI Compliance Task Force
President ● RockIT Group
Mark Haley, CHTP
Managing Partner● The Prism Partnership, LLC
Director of IT● Benchmark Hospitality International
Regional Director of IT● Benchmark Hospitality International
What Does PCI Compliance Entail?
Source: Trustwave Spider Labs
*Statistics from 2011 Verizon Business Data Breach Investigation Report
* All percentages are from the 2011 Verizon Business Data Breach Investigation
You don’t want to make the headlines!
Merchant Level Description
2011 Global Security Report
Executive Director – Vertical Market Strategy●
Heartland Payment Systems
Group Manager, Product● Merchant Link, LLC
Director of Strategic Relationships● Shift4
Lyle Worthington, CHTP
Chief Information Officer● Horseshoe Bay Resort
PCI Approach: Protect What You “Must” Have(This used to be a straightforward statement.)
Imagine a princess in a castle…
Securing her against attacks ofincreasing sophistication is difficult and expensive.
TAKE THE PRINCESS OUT OF THE CASTLE!
Encryption at Swipe or Key
PCI is working on regulatory changes to recognize the use of this solution may reduce Merchants PCI Scope.
Correct tokenization solutions remove the PMS from the scope of PCI DSS.
Your Action Plan
Does It Solve The Problem?
Senior Incident Response Consultant ● TrustWave/SpiderLabs
Vice President, Information Technology ● Destination Hotels & Resorts
Jerry Trieber, CPA, CHAE, CFE, CFF
Director of Field Accounting ● Crestline Hotels & Resorts
Conduct training on PCI Compliance!
Training on PCI Compliance should include:
In order to help us create/provide a better HITEC
experience in the future, please take a second to fill out the short survey that will be sent to you via e-mail at the end of the day.
And THANK YOU for attending HITEC!
Learn how HFTP membership can benefit you,