PCI DSS Compliance Reference Card
Payment Card Industry Data Security Standard (PCI DSS) v3.0
The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle
branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB. The standard covers
all major areas of a security program in 12 sections.
Requirement | Sophos product | How it helps meet compliance
REQUIREMENT ONE: Install and maintain a firewall configuration to protect cardholder data
Sophos UTM & NextGen Firewall (NGFW)
- Sophos UTM & NGFW allows for granular rule-based traffic control to specific ports and services at perimeter ingress and egress points, and can control remote access authentication and user monitoring at the perimeter.
- Sophos UTM & NGFW can also be used to create granular and manageable firewall rule sets that specify addresses, ports, protocols, and specific application traffic and behavioral patterns. Sophos firewalls can also perform Network Address Translation (NAT), detect and block spoofed IP addresses, and perform stateful traffic inspection.
Sophos Endpoint Protection
- Sophos Endpoint Protection includes a powerful local firewall and host-based intrusion detection and traffic control and monitoring, and creates detailed log events of all malicious activity on endpoint systems, helping to identify suspicious activity on systems that may be in scope for PCI DSS.
REQUIREMENT TWO: Protect stored cardholder data
Sophos Email Appliance
Sophos UTM
- Sophos Email Appliance leverages Sophos SPX encryption to dynamically encapsulate email content and attachments into a secure encrypted PDF.
Sophos Mobile Control
Sophos Secure Workspace
REQUIREMENT THREE: Encrypt transmission of cardholder data across open, public networks
- Sophos Secure Workspace App can encrypt documents within a secure container on a mobile device managed with SMC. SSW can dynamically encrypt content sent to cloud-based storage services and applications. SMC enforces device encryption and monitors compliance relative to encryption policy.
Sophos SafeGuard Encryption
- Sophos SafeGuard Encryption can encrypt data on Macs, Windows, and mobile devices. SafeGuard can manage BitLocker and FileVault encryption, as well as encryption for USB sticks, cloud storage, file shares, memory cards, and CDs/DVDs. Role-based access control is available to separate user capabilities to manage or control encryption, and keys can be managed and stored separately with the SafeGuard Management Center.
Sophos SafeGuard Encryption
- Sophos SafeGuard Encryption can encrypt data on Macs, Windows, and mobile devices. SafeGuard can manage BitLocker and FileVault encryption, as well as encryption for USB sticks, cloud storage, file shares, memory cards, and CDs/DVDs. All data encrypted with SafeGuard will remain encrypted as files are moved across the network.
Sophos UTM
- Sophos UTM and Wireless Access Points can create dynamic encrypted WiFi sessions, protecting payment card data in transit.
WiFi Access Points
Sophos UTM & NextGen Firewall (NGFW)
Sophos Email Appliance
Sophos UTM
- Sophos UTM & NGFW allows for policy-based encryption for VPN tunnels, protecting payment card data in transit.
- Sophos Email Appliance and UTM include the SPX encryption feature, which allows sensitive data to be encrypted automatically as files and content are emailed to parties outside the organization.
REQUIREMENT FOUR: Protect all systems against malware and regularly update anti-virus software or programs
Sophos Antivirus for vShield
- Sophos Antivirus for vShield protects virtual servers and desktops from malware.
Sophos Server Protection
- Sophos Server Protection protects standard physical (or virtual) servers from malware.
Sophos for Microsoft SharePoint
- Sophos for Microsoft SharePoint provides malware file scanning and protection for SharePoint collaboration environments.
Sophos for Network Storage
- Sophos for Network Storage scans file systems on storage platforms from EMC, NetApp and Oracle/Sun for malware.
Sophos PureMessage
- Sophos PureMessage can detect and block email-based malware threats.
Sophos Mobile Security
- Sophos Mobile Security for Android can protect users from malicious applications or potential threats within potentially unwanted applications (PUAs) downloaded by users.
Cloud Mobile Security
- Sophos Cloud allows for cloud-based management of multiple anti-malware capabilities, including endpoint and server protection.
Sophos Endpoint Protection
- Sophos Endpoint Protection includes traditional and next-generation (behavior- and analytics-based) malware protection, with frequent updates and real-time lookups.
Secure Web Gateway
- Secure Web Gateway monitors and blocks web site access for malware infections and execution, and also integrates up-to-date threat intelligence on malicious sites from Sophos.
Secure Email Gateway
Sophos UTM
- Cloud Mobile Security provides a stand-alone app for third-party MDM solutions or can be integrated with Cloud Mobile and endpoint solutions.
Sophos Cloud
Sophos UTM
REQUIREMENT FIVE: Restrict access to cardholder data by business need to know
Sophos UTM & NextGen Firewall (NGFW)
Sophos UTM
- Secure Email Gateway can detect and block viruses and known phishing emails that may include malware.
- Sophos UTM & NGFW can control remote access authentication and user monitoring with logging of all access.
WiFi Access Points
- Sophos UTM and Wireless Access Points can provide a guest portal with full logging of all authentication and connection activity, including unique user accounts.
Sophos SafeGuard Encryption
- Sophos SafeGuard Encryption provides role-based management to separate authorization levels, as well as detailed logging of all access attempts.
REQUIREMENT SIX: Identify and authenticate access to system components
REQUIREMENT SEVEN: Track and monitor all access to network resources and cardholder data
Sophos UTM & NextGen Firewall (NGFW)
- Sophos UTM & NGFW can facilitate 2-factor authentication for VPN connections, with granular RADIUS/TACACS integration.
Sophos Mobile Control
- Sophos Mobile Control can enforce encryption and password policy. Device encryption features for iOS, Android, and Windows phones are supported as is Samsung Knox. Additional authentication for specific applications can be set.
Sophos SafeGuard Encryption
- Sophos SafeGuard Encryption provides role-based management to separate authorization levels, as well as detailed logging of all access attempts.
Sophos UTM & NextGen Firewall (NGFW)
- Sophos UTM & NGFW can control remote access authentication and user monitoring for remote access, with logging of all access attempts.
Sophos UTM
- Sophos UTM and Wireless Access Points can manage all authentication and access monitoring from clients for access to the payment card environment, with logging of all access attempts.
WiFi Access Points
Sophos Mobile Control
- Sophos Mobile Control creates detailed log events of all malicious activity on mobile systems, helping to identify suspicious activity that may try to access cardholder data. Mobile Security Privacy and Security Advisors alert users to apps that try to access the internet and various data sources.
All Sophos Products
- All Sophos products are capable of generating security event logs that can be integrated into a centralized monitoring program for incident detection and response.
REQUIREMENT EIGHT: Regularly test security systems and processes
Sophos UTM
WiFi Access Points
- Sophos UTM and Wireless Access Points can be centrally managed in the UTM interface, which can be correlated with other scanning and discovery efforts for wireless access points and signal in the environment.
Sophos UTM & NextGen Firewall (NGFW)
- Sophos UTM & NGFW includes robust intrusion detection and intrusion prevention policies that can be applied to all traffic coming into the platform.
Secure Web Gateway
- Secure Web Gateway monitors and blocks malware infections and execution, and also integrates up-to-date threat intelligence on malicious sites from Sophos, acting as a web application intrusion detection and prevention system.
Sophos UTM
Specifications and descriptions subject to change without notice. Sophos disclaims in full
all warranties and guarantees. This document and the information in it does not constitute
legal advice. Customers are solely responsible for compliance with all laws and regulations,
and should consult their own legal counsel for advice regarding such compliance.
© Copyright 2016. Sophos Ltd. All rights reserved.
Registered in England and Wales No. 2096520, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, UK
Sophos is the registered trademark of Sophos Ltd. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.
2015-10-18 BC-NA (RG)