Book description
The credit card industry established the PCI Data Security Standards to provide a minimum standard for how vendors should protect data to ensure it is not stolen by fraudsters. PCI Compliance, 3e, provides the information readers need to understand the current PCI Data Security standards, which have recently been updated to version 2.0, and how to effectively implement security within your company to be compliant with the credit card industry guidelines and protect sensitive and personally identifiable information. Security breaches continue to occur on a regular basis, affecting millions of customers and costing companies millions of dollars in fines and reparations. That doesn’t include the effects such security breaches have on the reputation of the companies that suffer attacks. PCI Compliance, 3e, helps readers avoid costly breaches and inefficient compliance initiatives to keep their infrastructure secure.
- Provides a clear explanation of PCI
- Provides practical case studies, fraud studies, and analysis of PCI
- The first book to address version 2.0 updates to the PCI DSS, security strategy to keep your infrastructure PCI compliant
Table of contents
- Cover image
- Title page
- Table of Contents
- Copyright
- Acknowledgements
- About the Authors
- Foreword
- Chapter 1. About PCI and This Book
- Chapter 2. Introduction to Fraud, Data Theft, and Related Regulatory Mandates
- Chapter 3. Why Is PCI Here?
- Chapter 4. Determining and Reducing the PCI Scope
- Chapter 5. Building and Maintaining a Secure Network
- Chapter 6. Strong Access Controls
-
Chapter 7. Protecting Cardholder Data
- What is Data Protection and Why is it Needed?
- Requirements Addressed in This Chapter
- PCI Requirement 3: Protect Stored Cardholder Data
- Requirement 3 Walk-Through
- What Else Can You Do to Be Secure?
- PCI Requirement 4 Walk-Through
- Requirement 12 Walk-Through
- Appendix A of PCI DSS
- How to Become Compliant and Secure
- Common Mistakes and Pitfalls
- Case Study
- Summary
- REFERENCES
- Chapter 8. Using Wireless Networking
- Chapter 9. Vulnerability Management
-
Chapter 10. Logging Events and Monitoring the Cardholder Data Environment
- PCI Requirements Covered
- Why Logging and Monitoring in PCI DSS?
- Logging and Monitoring in Depth
- PCI Relevance of Logs
- Logging in PCI Requirement 10
- Monitoring Data and Log for Security Issues
- Logging and Monitoring in PCI—All Other Requirements
- PCI DSS Logging Policies and Procedures
- Tools For Logging in PCI
- Other Monitoring Tools
- Intrusion Detection and Prevention
- Integrity Monitoring
- Common Mistakes and Pitfalls
- Case Study
- Summary
- Reference
- Chapter 11. PCI for the Small Business
- Chapter 12. Managing a PCI DSS Project to Achieve Compliance
- Chapter 13. Don’t Fear the Assessor
- Chapter 14. The Art of Compensating Control
- Chapter 15. You’re Compliant, Now What?
- Chapter 16. Emerging Technology and Alternative Payment Schemes
-
Chapter 17. Myths and Misconceptions of PCI DSS
- Myth #1 PCI Doesn’t Apply to Me
- Myth #2 PCI is Confusing and Ambiguous
- Myth #3 PCI DSS is Too Onerous
- Myth #4 Breaches Prove PCI DSS Irrelevant
- Myth #5 PCI is All We Need For Security
- Myth #6 PCI DSS is Really Easy
- Myth #7 My Tool is PCI Compliant Thus I Am Compliant
- Myth #8 PCI is Toothless
- Case Study
- Summary
- REFERENCES
- Index
Product information
- Title: PCI Compliance, 3rd Edition
- Author(s):
- Release date: September 2012
- Publisher(s): Syngress
- ISBN: 9781597499538
You might also like
book
PCI Compliance, 4th Edition
Identity theft and other confidential information theft have now topped the charts as the leading cybercrime. …
book
PCI Compliance, 5th Edition
The Payment Card Industry Data Security Standard (PCI DSS) is now in its 18th year, and …
book
PCI Compliance
Although organizations that store, process, or transmit cardholder information are required to comply with payment card …
book
PCI Compliance
Identity theft has been steadily rising in recent years, and credit card data is one of …