Does your organization need to meet PCI DSS requirements? Are you struggling with multiple security tools? Or stretching your already overstretched team to prepare for an audit? Time to hit the accelerator with Trend Micro!
If your applications deal with credit or payment card data, you need to go through a long and cumbersome certification process outlined by the Payment Card Industry (PCI).
The PCI Data Security Standard (DSS) requires annual audits to ensure appropriate security controls and processes are being used for any applications that deal with sensitive customer data.
If your applications are in the cloud, PCI compliance can be easier – as long as you choose the right service provider.
Infrastructure as a Service (IaaS) providers like AWS and Microsoft Azure have Level 1 PCI DSS certification. This means they have validated their security controls, people and processes with auditors and take care of many aspects that you would be responsible for if your application was in a physical data center.
If you also use third party Software as a Service (SaaS) offerings, they are included in the scope of your PCI audit! (as of the latest version 3 of the standard)
This means if you are using SaaS offerings for log management, automation, monitoring or security, they also need to be PCI DSS certified, even if the service doesn’t directly deal with cardholder data.
Today we’re happy to announce that Trend MicroTM Deep Security as a ServiceTM has gone through this process and is now a PCI DSS Level 1 Service Provider! This means you can streamline your PCI DSS certification process and take more items off of your to do list.
Deep Security as a Service removes the cost and effort of running the security management stack. All of your security policies and events are stored securely and managed by Trend Micro. Best of all you can get up and going with Deep Security as a Service in just a few minutes with our 30 day free trial.
Trend Micro has saved users months of resource time on PCI DSS projects by meeting many of the requirements with a single tool. A single agent provides critical controls that address multiple requirements like 11.4 Intrusion Prevention, 11.5 Integrity Monitoring, 5.1 Anti-malware and many, many more.
- For Guess?, Inc., Deep Security helped the company segment traffic and fulfill multiple PCI requirements rapidly.
- Coiney was able to achieve PCI DSS compliance for a payment service within a month!
For more detailed information on how Trend Micro Deep Security can help you accelerate PCI compliance, go here http://www.trendmicro.com/us/business/cloud-data/pci-dss-compliance/. You can download a detailed matrix of PCI requirements and how Deep Security can help address them – written by the PCI Qualified Security Assessor (QSA) Coalfire.
If you have questions or comments, reach me on Twitter: @justin_foster.