PCI DSS Compliance Reference Card
Payment Card Industry Data Security Standard (PCI DSS) v3.0

The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB. The standard covers all major areas of a security program in 12 sections.

Each entry below gives the requirement, the Sophos product, and how it helps meet compliance.

REQUIREMENT ONE: Install and maintain a firewall configuration to protect cardholder data

Sophos UTM & NextGen Firewall (NGFW)
- Sophos UTM & NGFW allows for granular rule-based traffic control to specific ports and services at perimeter ingress and egress points, and can control remote access authentication and user monitoring at the perimeter.
- Sophos UTM & NGFW can also be used to create granular and manageable firewall rule sets that specify addresses, ports, protocols, and specific application traffic and behavioral patterns. Sophos firewalls can also perform Network Address Translation (NAT), detect and block spoofed IP addresses, and perform stateful traffic inspection.

Sophos Endpoint Protection
- Sophos Endpoint Protection includes a powerful local firewall and host-based intrusion detection and traffic control and monitoring, and creates detailed log events of all malicious activity on endpoint systems, helping to identify suspicious activity on systems that may be in scope for PCI DSS.

REQUIREMENT TWO: Protect stored cardholder data

Sophos Email Appliance / Sophos UTM
- Sophos Email Appliance leverages Sophos SPX encryption to dynamically encapsulate email content and attachments into a secure encrypted PDF.

Sophos Mobile Control / Sophos Secure Workspace
- Sophos Secure Workspace App can encrypt documents within a secure container on a mobile device managed with SMC. SSW can dynamically encrypt content sent to cloud-based storage services and applications. SMC enforces device encryption and monitors compliance relative to encryption policy.

Sophos SafeGuard Encryption
- Sophos SafeGuard Encryption can encrypt data on Macs, Windows, and mobile devices. SafeGuard can manage BitLocker and FileVault encryption, as well as encryption for USB sticks, cloud storage, file shares, memory cards, and CDs/DVDs. Role-based access control is available to separate user capabilities to manage or control encryption, and keys can be managed and stored separately with the SafeGuard Management Center.

REQUIREMENT THREE: Encrypt transmission of cardholder data across open, public networks

Sophos SafeGuard Encryption
- Sophos SafeGuard Encryption can encrypt data on Macs, Windows, and mobile devices. SafeGuard can manage BitLocker and FileVault encryption, as well as encryption for USB sticks, cloud storage, file shares, memory cards, and CDs/DVDs. All data encrypted with SafeGuard will remain encrypted as files are moved across the network.

Sophos UTM / WiFi Access Points
- Sophos UTM and Wireless Access Points can create dynamic encrypted WiFi sessions, protecting payment card data in transit.

Sophos UTM & NextGen Firewall (NGFW)
- Sophos UTM & NGFW allows for policy-based encryption for VPN tunnels, protecting payment card data in transit.

Sophos Email Appliance / Sophos UTM
- Sophos Email Appliance and UTM includes the SPX encryption feature which allows encrypting of sensitive data automatically as files and content are emailed to parties outside the organization.

REQUIREMENT FOUR: Protect all systems against malware and regularly update anti-virus software or programs

Sophos Antivirus for vShield
- Sophos Antivirus for vShield protects virtual servers and desktops from malware.

Sophos Server Protection
- Sophos Server Protection protects standard physical (or virtual) servers from malware.

Sophos for Microsoft SharePoint
- Sophos for Microsoft SharePoint provides malware file scanning and protection for SharePoint collaboration environments.

Sophos for Network Storage
- Sophos for Network Storage scans file systems on storage platforms from EMC, NetApp and Oracle/Sun for malware.

Sophos PureMessage
- Sophos PureMessage can detect and block email-based malware threats.

Sophos Mobile Security
- Sophos Mobile Security for Android can protect users from malicious applications or potential threats within potentially unwanted applications (PUAs) downloaded by users.

Cloud Mobile Security
- Cloud Mobile Security provides a stand-alone app for third-party MDM solutions or can be integrated with Cloud Mobile and endpoint solutions.

Sophos Cloud
- Sophos Cloud allows for cloud-based management of multiple anti-malware capabilities, including endpoint and server protection.

Sophos Endpoint Protection
- Sophos Endpoint Protection includes traditional and next-generation (behavior- and analytics-based) malware protection, with frequent updates and real-time lookups.

Secure Web Gateway / Sophos UTM
- Secure Web Gateway monitors and blocks web site access for malware infections and execution, and also integrates up-to-date threat intelligence on malicious sites from Sophos.

Secure Email Gateway / Sophos UTM
- Secure Email Gateway can detect and block viruses and known phishing emails that may include malware.

REQUIREMENT FIVE: Restrict access to cardholder data by business need to know

Sophos UTM & NextGen Firewall (NGFW)
- Sophos UTM & NGFW can control remote access authentication and user monitoring with logging of all access.

Sophos UTM / WiFi Access Points
- Sophos UTM and Wireless Access Points can provide a guest portal with full logging of all authentication and connection activity, including unique user accounts.

Sophos SafeGuard Encryption
- Sophos SafeGuard Encryption provides role-based management to separate authorization levels, as well as detailed logging of all access attempts.

REQUIREMENT SIX: Identify and authenticate access to system components

Sophos UTM & NextGen Firewall (NGFW)
- Sophos UTM & NGFW can facilitate 2-factor authentication for VPN connections, with granular RADIUS/TACACS integration.

Sophos Mobile Control
- Sophos Mobile Control can enforce encryption and password policy. Device encryption features for iOS, Android, and Windows phones are supported as is Samsung Knox. Additional authentication for specific applications can be set.

Sophos SafeGuard Encryption
- Sophos SafeGuard Encryption provides role-based management to separate authorization levels, as well as detailed logging of all access attempts.

REQUIREMENT SEVEN: Track and monitor all access to network resources and cardholder data

Sophos UTM & NextGen Firewall (NGFW)
- Sophos UTM & NGFW can control remote access authentication and user monitoring for remote access, with logging of all access attempts.

Sophos UTM / WiFi Access Points
- Sophos UTM and Wireless Access Points can manage all authentication and access monitoring from clients for access to the payment card environment, with logging of all access attempts.

Sophos Mobile Control
- Sophos Mobile Control creates detailed log events of all malicious activity on mobile systems, helping to identify suspicious activity that may try to access cardholder data. Mobile Security Privacy and Security Advisors alert users to apps that try to access the internet and various data sources.

All Sophos Products
- All Sophos products are capable of generating security event logs that can be integrated into a centralized monitoring program for incident detection and response.

REQUIREMENT EIGHT: Regularly test security systems and processes

Sophos UTM / WiFi Access Points
- Sophos UTM and Wireless Access Points can be centrally managed in the UTM interface, which can be correlated with other scanning and discovery efforts for wireless access points and signal in the environment.

Sophos UTM & NextGen Firewall (NGFW)
- Sophos UTM & NGFW includes robust intrusion detection and intrusion prevention policies that can be applied to all traffic coming into the platform.

Secure Web Gateway / Sophos UTM
- Secure Web Gateway monitors and blocks malware infections and execution, and also integrates up-to-date threat intelligence on malicious sites from Sophos, acting as a web application intrusion detection and prevention system.

Specifications and descriptions subject to change without notice. Sophos disclaims in full all warranties and guarantees. This document and the information in it does not constitute legal advice. Customers are solely responsible for compliance with all laws and regulations, and should consult their own legal counsel for advice regarding such compliance.

United Kingdom and Worldwide Sales Tel: +44 (0)8447 671131
North American Sales Toll Free: 1-866-866-2802
Australia and New Zealand Sales Tel: +61 2 9409 9100
Asia Sales Tel: +65 62244168

Oxford, UK
© Copyright 2016. Sophos Ltd. All rights reserved.
Registered in England and Wales No. 2096520, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, UK
Sophos is the registered trademark of Sophos Ltd. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.
2015-10-18 BC-NA (RG)