Payment Card Industry(PCI)
The Payment Card Industry Data Security Standard (PCI-DSS) is a worldwide standard designed to protect payment card data. Created to help organisations that process card payments to prevent payment card fraud, it imposes strict data controls on all organisations that store, process or transmit payment card data from card brands.
The standard requires organisations to meet stringent requirements for the handling and safe keeping of data.
Organisations handling card data are obliged to protect the cardholder data. They are required to build and maintain a secure network that is regularly monitored and tested. These networks should have strong access controls and must comply with a maintained information security policy held by the organisation.
All card processing organisations are also obliged to maintain a vulnerability management programme. For organisations that fail to comply with these requirements, the penalties can involve:
- Insurance claims
- Cancelled accounts/replacement cards
- Payment card issuer fines
- License to process transactions could be revoked
Credit and debit card brands are getting stricter on PCI compliance with individual card providers choosing to increase fines they charge for data breaches. The ultimate risk resulting from a breach, for companies with a relationship with one or more of the card brands, is the loss of their ability to process credit card payments. Companies subject to a data breach may also be audited and could potentially be fined up to £100,000.
For more information on PCI Compliance down the whitepaper:
Data Classification – Delivering Security and Business Value
Boldon James’ internationally-recognised classification software can support organisations in protecting personal data by reducing the risk of a data breach through the use of Classifier360 classification. For example, a screen shot sent to another department may contain an individual’s address and credit card number and wouldn’t be picked up by most DLP solutions. However the user could mark the email as PCI-related to ensure that the information is handled confidentially in line with PCI requirements.
Boldon James Data Classification products support compliance with Payment Card Industry Data Security Standards by:
- Clearly identifying PCI-related information to assist or help enforce DLP
- Assisting with Enterprise search should an audit be required
- Identifying and triggering encryption, where required
What is Data Classification?
Boldon James Products
Our best-of-breed Data Classification solutions enable organisations to effectively manage data, streamline operations and proactively respond to regulatory change.
Incorporates data classification into the primary productivity tools of Microsoft Office, including Word, Excel, PowerPoint – and also Visio and Project
Brings the benefits of data classification to key design documents across a variety of CAD applications, including AutoCAD and Draftsight
Brings the benefits of user-centric data classification to organisations using Mac devices
Scans and classifies data-at-rest, data stored on-premise, or the Cloud in line with implemented Classifier policy
Provides users with the means to classify any file held in Windows File Store
Classify data stored within Microsoft SharePoint using the familiar and intuitive Classifier interface
Extends document classification into Box Cloud-based storage ensuring seamless document control regardless of its location
Adds message classification capabilities to Microsoft Outlook
Adds message classification capabilities to Lotus Notes
Brings classification to the Microsoft Outlook Web App, providing a consistent, intuitive experience to users
Extends classification to portable devices such as smartphones and tablets providing consistent classification, including iOS, Android and Windows
Works with Boldon James Classifier and SAFEmail solutions to stop the synchronisation of your most sensitive emails from Microsoft Exchange mailboxes
Enhances endpoint classification solutions by applying policy to every message sent and received within your organisation, internal or external, inbound or outbound
"User friendly Administration console helps to easily understand and implement classification"
Implementation is rather easier than other competitive products, administration console is also easier to understand and everything relevant to classification is there.
Also there are number of default templates and default messages to use with classification rules.
With unrivalled customer service and best-of-breed data protection and governance solutions,
we are helping many of the world’s most successful organisations take control of their business data.
Everyday, our customers enjoy more effective, secure and streamlined operations -
protecting their business critical information and reducing risk.
We integrate with powerful data security and governance ecosystems.
We protect business critical data, improve data control and reduce risk.
We deliver improved and streamlined business performance.
We are a “safe pair of hands” that constantly deliver success.