Did you know that every time you swipe your Visa, Master Card or others, your personal, financial information travels over thousands of network routers and switches to complete the transaction?
Did you know that Visa recently reported that 40% of Level 1 and one-third of Level 2 merchants have now validated PCI compliance (Digital Transactions News, July 31)?
Did you know that you have a 60% chance you personal information is traveling over an unsecured Level 1 merchant’s network and a 67% chance it is traveling over an unsecured Level 2 merchant’s network?
Did you know that TJX Companies paid $256 million in fines, levies, lawsuits and court-ordered infrastructure repairs in the wake of the biggest data breach in history – 45, 700,000 individual cases?
Finally, did you know that in August this year more than 2.5 million data braches occurred, and that as of today more than 165 million breaches have been recorded?
According to industry experts, the reason it is so hard to secure these networks is because network device configuration changes need to be constantly managed, yet most of the time IT organizations are blind to the true state of the technology systems they manage. Indeed, leading industry analyst group Enterprise Management Associates has stated: “If configuration data is 95% accurate and 5% outdated, it is impossible to tell whether key configuration items are part of the 95% that is accurate or the 5% that is not.”
This is why Voyence, a leader in automated network change and configuration management solutions, has unveiled VoyenceControl PCI Advisor, a new offering which bridges the gap between PCI mandates and IT infrastructure. This new software actually goes beyond rudimentary change and configuration management capabilities and actually guides organizations through PCI, SOX, HIPAA and other compliance mandates.
The first product in the company’s new Compliance Advisory Series, the software removes the guesswork associated with ensuring network devices adhere to PCI mandates, a set of best practices which mandate that merchants must enhance data security and proactively protect customer account information at all points in the payment process. The software maps change and configuration data directly into embedded PCI DSS mandates to help ensure network devices stay compliant with repeatable processes and dynamic dashboard displays. It also eases audits with in-depth reports detailing how network devices adhere to each PCI DSS requirement.
In addition to the new product release, Voyence announced that it is now a Participating Organization of the Payment Card Industry (PCI) Security Standards Council. As such, the company will influence the direction of PCI standards through its involvement in the PCI Security Standards Council community.
“During the past year, personal data has been stolen from thousands of credit card holders, because networks were not locked down and there were no repeatable, best practices for ensuring that network devices were correctly configured,” said Darren Orzechowski, Voyence’s VP Marketing, in a press release. “Voyence’s PCI Advisor provides IT managers with best practices and templates for quickly and reliably achieving and verifying compliance with the PCI DSS, and more importantly removing significant risk, exposure and cost for companies and consumers.”
VoyenceControl PCI Compliance Advisor will be available starting in November. For more information, visit
www.voyence.com.
-------
Patrick Barnard is Associate Editor for Customer Interaction Solutions magazine and Assignment Editor for TMCnet. To see more of his articles, please visit Patrick Barnard’s columnist page.
Find Solutions for Enterprises, SMBs & Service Providers at the INTERNET TELEPHONY Conference and EXPO West, September 16-18, 2008. Los Angeles, California.
