Meeting PCI DSS Security Compliance Requirement Standards with Spirion
Payment Card Industry Data Security Standards (PCI DSS) compliance mandates that all organizations that accept, acquire, transmit, process, or store cardholder data must take appropriate steps to continuously safeguard all sensitive customer information.
Spirion provides PCI DSS security compliance solutions that secure and control enterprise data-at-rest, addressing critical portions of the PCI DSS 3.2 compliance control set for DSS Compliance Requirement 3: Protect stored cardholder data and Requirement 4: Encrypt transmission of cardholder data across open, public networks – while also supporting additional components of the PCI DSS compliance requirements. PCI DSS security compliance solutions address other requirements across multiple use cases within the PCI DSS 3.0 compliance requirements – automatically discovering and classifying unstructured files, structured databases as well as specific data or intellectual property within databases and files across traditional networks, cloud implementations and virtual environments.
Spirion provides a solution to help organizations discover, classify, monitor and respond in order to meet multiple PCI DSS security compliance requirements under the standard helping organizations meet PCI DSS 3.0 compliance requirements with an easy-to-deploy, centrally managed solution that integrates with your existing security infrastructure. Spirion’s open APIs allow integrations with your existing DLP tools, encryption software, data-archiving and storage solutions offered by leading technology providers such as Symantec, Intel Security and others to help increase the benefits from existing spend on these data security solutions.
Spirion Key features
Search everywhere and identify with zero false positives
- Reliable discovery results with industry leading accuracy and precision
- Searches local/shared/removable drives, cloud storage, e-mail servers, databases, web servers, SharePoint sites, Windows/Mac/Linux workstations, web sites and file servers.
- Searches within all file types structured and unstructured – Office files, text, images, scanned images, e-mail messages and attachments, archives, deleted files, Outlook archives, and compressed files.
Classify results persistently
- Classifies sensitive data by category and priority to amplify the need for administrators and/or data owners to manage and protect results. Embed classifications directly into files.
Secure unprotected information
- Secures results using a file shredder (based on DoD standard), redaction, encryption, or quarantine to a safe location.
Monitor and manage data operations centrally
- Identifies unprotected results as compared to what employees have already secured for trending analysis.
- Notifies data owners automatically
- Empowers employees to sanitize their data environment and monitors their progress with automated alerts and notifications without the extra staff burden.
Make employees part of the process
- Give employees access to classification add-ons in popular collaboration suites such as MS Office and Adobe Acrobat.
Highly scalable, flexible and secure architecture
- Highly scalable, open architecture that accommodates the growth of staff, processes and information across the enterprise.
- Enables organizations to scale and grow by providing the ability to orchestrate administrative and compliance processes consistently and globally.
- Integrates with Active Directory to simplify policy designation and group reporting
- Within an hour start seeing sensitive data results.
- Within a day create an inventory of sensitive data on all systems.
- Within a week implement a data loss prevention strategy for continuous data protection.