PCI Compliances Requirements and Effects on Retailers

PCI mandates that customers provide a secure transmission medium for sensitive cardholder information and maintain a vulnerability management program. Anti-virus programs must be used, regularly upda ted, and capable of detecting, removing, and protecting against all forms of malicious software. Companies who are not PCI compliant are subject to fines up to $500,000 per incident, greater scrutiny and additional penalties, including the revoking of the ability to process their debit and credit cards. In addition to the fines and penalties, non-compliant companies are subject to related public disclosure regulations, causing a loss of customer trust and brand equity, leading to lower revenues and shareholder revenues. As a result, retailers and other organisations that handle cardholder information around the world are particularly focused on rapidly deploying a solution to address PCI compliance.

PCI Compliance Made Easy
Offering PCI compliance directly integrated into our Email Security Appliances. The advanced search capabilities identify debit and credit card numbers and sensitive cardholder information by utilizing advanced rule sets to confirm their legitimacy. Since sensitive information can be sent over a wide variety of attachment types, the advanced content scanning capabilities extend to all parts of email and attachments, including more than 400 different file types, regardless of how it is embedded. As sensitive information is identified, the corresponding messages can be automatically encrypted for secure delivery, not requiring any action by either the sender or recipient. Compliance officers can also choose other remediation options including connection-based encryption, quarantining, archiving, user notification, and self-remediation. To regularly demonstrate effectiveness, compliance officers may choose to take advantage of auditable reporting capabilities that extend to the per-user level, allowing for greater user education for those who need it most. These automatic scanning and remediation capabilities ensure that all transmission of cardholder information across open, public networks are secure. All of these capabilities are incorporated in the web based Email Security Manager policy management tool, providing ease of deployment and use.