|
Angelo Comazzetto
Astaro
The Payment Card Industry Data Security Standard (PCI DSS) requires minimum standards of security from any organization that handles payment cards or credit cards. The details of the security requirements vary with the size of the organization, but in each case, three steps are required. 1. Risk Assessment 2. Safeguards Implementation based on the Risk Assessment 3. Vulnerability Assessment to measure the effectiveness of the Safeguards Implementation The automated Astaro Compliance Reporter provides a “formal risk assessment” as required by the DSS. Following the risk assessment, Astaro products and partners can then assist users to implement the safeguards recommended by the Astaro Compliance Report. The PCI Security Standards Council manages global training and certification programs for qualified security assessors (QSAs) and approved scanning vendors (ASVs). Vulnerability Assessment measures the effectiveness of the Safeguards Implementation. The results of the Vulnerability Assessment, usually required quarterly, are used to update and revise the Risk Assessment and turn the Circle of Compliance. Unified Threat Management solution for comprehensive perimeter security: * Network Security - Firewall, VPN and Intrusion Prevention * Web Security - URL Filtering, Malware Detection, Bandwidth Management and Application Control * Mail Security - Antispam, Antivirus, Antiphishing and Email Encryption * Deployment as hardware, software or virtual appliance Astaro Security Gateway provides these key features: • Web security: Exercise precise control over web access and the use of instant messaging and peer-to-peer applications, guarding against data threat scenarios while retaining the benefits of web communication. • Email security: Supports transparent email encryption and guards against incoming data threats from viruses, worms, phishing, and unwanted spam. Email is a vital communication tool; use it to your advantage while minimizing security risks. • Network security: Protects your network from a wide range of existing and emerging threats, including Trojans, botnets, port scams, denial of service attacks, and more. Easily adapts to newly recognized threats with add-on components. • Virtualization: The available virtual appliance supports operation in VMWare and other virtualized environments, using server resources more efficiently and reducing energy requirements in data centers.
Download
|