Enabling Compliance with the PCI DSS Standards

Any company that stores, processes or transmits credit card data must comply with the PCI DSS. The major credit card brands of Visa, MasterCard, Discover and American Express aligned their individual policy protection programs to create the PCI DSS, an industry wide framework for protecting consumers.

Vormetric helps enterprises comply with three of the 12 high-level PCI DSS requirements:

• PCI DSS Requirement 3 - Protect stored cardholder data
• PCI 7 DSS Requirement 7 - Restrict access to cardholder data by business need to know
• PCI DSS Requirement 10 - Track and monitor all access to network resources and cardholder data

Vormetric Payment Card Industry Data Security Compliance Solution

Vormetric Data Security protects stored cardholder data anywhere it resides – both in centralized and distributed environments. It fully complies to PCI DSS strong encryption requirements by encrypting with standard AES 128-bit and 256-bit key lengths. Through a transparent, system-agnostic approach, Vormetric makes it easy to encrypt cardholder data for any system – databases, print and file servers, audit and debug logs, flat files, VoIP archives, reports, email repositories and backup archives.

Unlike native encryption point solutions (i.e., database vendor encryption) that explode policy, key management and separation of duties issues, Vormetric offers a single encryption system that easily extends throughout disparate and complex environments.

Vormetric Data Security repeatedly proves to address enterprise encryption requirements for PCI DSS compliance and simultaneously meet performance requirements – a major need for credit card processors, merchants and acquiring banks.