As with other regulations and guidelines, PCI DSS compliance cannot be achieved through technology alone. It requires establishing and maintaining a PCI program that incorporates the appropriate policies, procedures and technology to ensure ongoing compliance through continuous protection of payment card data that is collected, stored or transmitted.Dell SecureWorks offers a full suite of PCI Security consulting and remediation solutions and is an Approved Scanning Vendor (ASV) and Qualified Security Assessor (QSA). The Dell SecureWorks Security and Risk Consulting team includes numerous certified QSA and ASV experts who work with a diverse range of organizations. The Dell SecureWorks PCI Compliance Resource Center is located at http://go.secureworks.com/pci-compliance. About Dell SecureWorks: Dell Inc. (NASDAQ: DELL) listens to customers and delivers innovative technology and services that give them the power to do more. Recognized as an industry leader by top analysts, Dell SecureWorks provides world-class information security services to help organizations of all sizes protect their IT assets, comply with regulations and reduce security costs. For more information, visit www.dell.com/secureworks. Dell and SecureWorks are trademarks of Dell Inc. Dell disclaims any proprietary interest in the marks and names of others.
Dell SecureWorks, an industry leader in information security services, has launched a new PCI Compliance Resource Center to help organizations meet and maintain compliance with the Payment Card Industry Data Security Standards (PCI DSS), and to help strengthen their overall security posture. PCI DSS requires any organization that transmits, processes or stores payment card information to protect the privacy and confidentiality of that data. The PCI Compliance Resource Center features a wide range of white papers, videos and webcasts that address PCI challenges, PCI DSS remediation, and consulting and information security services offered by Dell SecureWorks. PCI standards require organizations to build, maintain and monitor a secure network to protect cardholder data, as well as maintain a vulnerability management and information security program. Common challenges for merchants include identifying and segmenting cardholder data, assessing their current state of compliance, remediating any problems that are found, and maintaining ongoing compliance. Regardless of how many transactions they process, merchants must demonstrate PCI compliance annually. Those that are not PCI compliant can face steep fines from their acquiring banks, and in some cases, have their payment card privileges revoked. Fines can range from $2,000 to more than $100,000 per month for PCI compliance violations, plus additional fines for repeat violations, depending on the merchant’s acquiring bank. To demonstrate ongoing compliance, organizations must submit annual Reports on Compliance (ROC) or Self-Assessment Questionnaires (SAQs), and must scan their networks at least quarterly for security vulnerabilities. Although maintaining a PCI compliant status can prevent organizations from being fined, it is not enough to protect merchants from data breaches. “Many organizations mistakenly believe that once they are compliant their corporate networks are secure, but many companies that were PCI compliant have been breached,” said John Cartwright, Security Systems Principal Consultant, Dell SecureWorks. “In reality, when you take care of information security issues first, becoming PCI compliant should fall into place. And when you understand security and can accurately interpret the PCI requirements, you can find cost-efficient ways to meet them.”