SlideShare una empresa de Scribd logo

Data Discovery and PCI DSS

Descargar como PPTX, PDF
ControlCase
ControlCase

In this 45 minute webinar ControlCase will discuss the following - What is Data Discovery - Why Data Discovery - PCI DSS requirements - Need for Data Discovery in the context of PCI DSS - Challenges in the Data Discovery space

Tecnología
1 de 24
Data Discovery and PCI DSS By Kishor Vaswani, CEO - ControlCase
Agenda • About Data Discovery • PCI DSS Requirements and need for Data Discovery in the context of PCI DSS • Challenges in the Data Discovery space • Q&A 1
About Data Discovery
Current Technology Environment • Servers – Windows, Unix etc. • Databases – SQL Server, Oracle etc. • Email • File systems 2
What is Data Discovery • Ability to identify and pinpoint sensitive data across › File Shares › Servers › Databases › Email › Log files › Etc. 3
Why is it important • GRC focuses on confidentiality, integrity and availability • Confidentiality is always focused on “Data” • Data that is sensitive must be protected, however the first step of that is to know where the data resides • Hence, it is important to identify where sensitive data resides 4
PCI DSS Requirements and Data Discovery
What is PCI DSS? Payment Card Industry Data Security Standard: • Guidelines for securely processing, storing, or transmitting payment card account data • Established by leading payment card issuers • Maintained by the PCI Security Standards Council (PCI SSC) 5
PCI DSS Requirements Control Objectives Requirements Build and maintain a secure network 1. Install and maintain a firewall configuration to protect cardholder data 2. Do not use vendor-supplied defaults for system passwords and other security parameters Protect cardholder data 3. Protect stored cardholder data 4. Encrypt transmission of cardholder data across open, public networks Maintain a vulnerability management program 5. Use and regularly update anti-virus software on all systems commonly affected by malware 6. Develop and maintain secure systems and applications Implement strong access control measures 7. Restrict access to cardholder data by business need-to-know 8. Assign a unique ID to each person with computer access 9. Restrict physical access to cardholder data Regularly monitor and test networks 10. Track and monitor all access to network resources and cardholder data 11. Regularly test security systems and processes Maintain an information security policy 12. Maintain a policy that addresses information security 6
Protect Stored Cardholder Data You must ensure stored data is encrypted and protected. 7
PCI Council Advisory… • Importance of Updating Scope for PCI DSS Assessments There have been a number of high profile data compromises in the press recently. These reports serve as a daily reminder of the damage caused by compromises and of the need to keep business environments secure. Businesses evolve and change over time, and the scope of an entity's cardholder data environment must be reviewed and verified each time a PCI DSS assessment is undertaken. As has always been the case, many compromises are the result of businesses having data they weren't aware of. Please remember that scoping an assessment includes verifying that no cardholder data exists outside of the defined cardholder data environment. By ensuring the scope of an assessment is appropriate, the risk of data compromise is greatly reduced - a benefit to everyone involved. 8
Challenges in Data Discovery
Challenges • Deployment and agents › Can get expensive › Technologically complicated › Long deployment cycles › Databases are a challenge • False Positives › Luhn’s formula narrows down but is not full proof › Many schemes use Luhn’s formula to generate numbers › Separators and delimiters change 9
Challenges • Performance within production environments › Database load › Large number of records in databases › Active directory scanning › Emails storing cardholder data • Tokenization › Differentiation between tokens and real card numbers • Exclusions › Directories › Files › Extension types › Tables/Columns 10
Features to look for – Agentless/Credential Based 11
Features to look for – Database Search Capability 12
Features to look for – Remediation support 13
Features to look for – Delimiter definition 14
Features to look for – Performance tuning 15
Features to look for – Token exclusion capability 16
Features to look for – File/Directory Exclusion 17
Why Choose ControlCase? • Global Reach › Serving more than 400 clients in 40 countries and rapidly growing • Certified Resources › PCI DSS Qualified Security Assessor (QSA) › QSA for Point-to-Point Encryption (QSA P2PE) › Certified ASV vendor 18
To Learn More About PCI Compliance or Data Discovery… 19 • Visit www.controlcase.com • Call +1 703 483 6383 (North America) • Call +57 1 678 3716 (South America) • Call +44 1276 686 048 (Europe) • Call +971 4440 5958 (Middle East & Africa) • Call +91 982 029 3399 (Asia Pacific) • Kishor Vaswani (CEO) – kvaswani@controlcase.com
Thank You for Your Time

Recomendados

BigDataRevealed SecureSequesterEncrypt - iot easy as 1-2-3 - catalog-metadata...
BigDataRevealed SecureSequesterEncrypt - iot easy as 1-2-3 - catalog-metadata...BigDataRevealed SecureSequesterEncrypt - iot easy as 1-2-3 - catalog-metadata...
BigDataRevealed SecureSequesterEncrypt - iot easy as 1-2-3 - catalog-metadata...Steven Meister
 
Brochure Imperva Vormetric
Brochure Imperva VormetricBrochure Imperva Vormetric
Brochure Imperva VormetricMichelle Guerrero Montalvo
 
Secure Channels Financal Institution Presentation
Secure Channels Financal Institution PresentationSecure Channels Financal Institution Presentation
Secure Channels Financal Institution PresentationRichard Blech
 
Protective Monitoring
Protective MonitoringProtective Monitoring
Protective Monitoringjohandev
 
Alcumus ISOQAR PCIDSS Compliance Presentation
Alcumus ISOQAR PCIDSS Compliance PresentationAlcumus ISOQAR PCIDSS Compliance Presentation
Alcumus ISOQAR PCIDSS Compliance PresentationBhargav Upadhyay
 
PCI DSS: What it is, and why you should care
PCI DSS: What it is, and why you should carePCI DSS: What it is, and why you should care
PCI DSS: What it is, and why you should careSean D. Goodwin
 
PCI-DSS explained
PCI-DSS explainedPCI-DSS explained
PCI-DSS explainedEdwin_Bos
 
PCI DSS | PCI DSS Training | PCI DSS IMPLEMENTATION
PCI DSS | PCI DSS Training | PCI DSS IMPLEMENTATIONPCI DSS | PCI DSS Training | PCI DSS IMPLEMENTATION
PCI DSS | PCI DSS Training | PCI DSS IMPLEMENTATIONhimalya sharma
 

Recomendados

BigDataRevealed SecureSequesterEncrypt - iot easy as 1-2-3 - catalog-metadata...
BigDataRevealed SecureSequesterEncrypt - iot easy as 1-2-3 - catalog-metadata...BigDataRevealed SecureSequesterEncrypt - iot easy as 1-2-3 - catalog-metadata...
BigDataRevealed SecureSequesterEncrypt - iot easy as 1-2-3 - catalog-metadata...Steven Meister
 
Brochure Imperva Vormetric
Brochure Imperva VormetricBrochure Imperva Vormetric
Brochure Imperva VormetricMichelle Guerrero Montalvo
 
Secure Channels Financal Institution Presentation
Secure Channels Financal Institution PresentationSecure Channels Financal Institution Presentation
Secure Channels Financal Institution PresentationRichard Blech
 
Protective Monitoring
Protective MonitoringProtective Monitoring
Protective Monitoringjohandev
 
Alcumus ISOQAR PCIDSS Compliance Presentation
Alcumus ISOQAR PCIDSS Compliance PresentationAlcumus ISOQAR PCIDSS Compliance Presentation
Alcumus ISOQAR PCIDSS Compliance PresentationBhargav Upadhyay
 
PCI DSS: What it is, and why you should care
PCI DSS: What it is, and why you should carePCI DSS: What it is, and why you should care
PCI DSS: What it is, and why you should careSean D. Goodwin
 
PCI-DSS explained
PCI-DSS explainedPCI-DSS explained
PCI-DSS explainedEdwin_Bos
 
PCI DSS | PCI DSS Training | PCI DSS IMPLEMENTATION
PCI DSS | PCI DSS Training | PCI DSS IMPLEMENTATIONPCI DSS | PCI DSS Training | PCI DSS IMPLEMENTATION
PCI DSS | PCI DSS Training | PCI DSS IMPLEMENTATIONhimalya sharma
 
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteOracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteEdgar Alejandro Villegas
 
Data Sanitization and Disposal: Best Practices
Data Sanitization and Disposal: Best PracticesData Sanitization and Disposal: Best Practices
Data Sanitization and Disposal: Best PracticesAvritek
 
Data Sanitization: What, Why, When and How?
Data Sanitization: What, Why, When and How?Data Sanitization: What, Why, When and How?
Data Sanitization: What, Why, When and How?Baltimax
 
PCI DSS Basics - The Twelve Steps
PCI DSS Basics - The Twelve StepsPCI DSS Basics - The Twelve Steps
PCI DSS Basics - The Twelve StepsTerra Verde
 
Data Sanitization: When, Why & How
Data Sanitization: When, Why & How Data Sanitization: When, Why & How
Data Sanitization: When, Why & How Blancco
 
Spirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton ChuvakinSpirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton ChuvakinAnton Chuvakin
 
Webinar - PCI DSS Merchant Levels validations and applicable
Webinar - PCI DSS Merchant Levels validations and applicableWebinar - PCI DSS Merchant Levels validations and applicable
Webinar - PCI DSS Merchant Levels validations and applicableVISTA InfoSec
 
Q radar pci-v2-matrix
Q radar pci-v2-matrixQ radar pci-v2-matrix
Q radar pci-v2-matrixCMR WORLD TECH
 
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAININGPCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAININGhimalya sharma
 
Best Practices for implementing Database Security Comprehensive Database Secu...
Best Practices for implementing Database Security Comprehensive Database Secu...Best Practices for implementing Database Security Comprehensive Database Secu...
Best Practices for implementing Database Security Comprehensive Database Secu...Kal BO
 
PCI DSS v3 - Protecting Cardholder data
PCI DSS v3 - Protecting Cardholder dataPCI DSS v3 - Protecting Cardholder data
PCI DSS v3 - Protecting Cardholder dataInMobi Technology
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full pptShahbaz Khan
 
Card fraud and compliance training
Card fraud and compliance trainingCard fraud and compliance training
Card fraud and compliance trainingethnos
 
PCI DSS Business as Usual
PCI DSS Business as UsualPCI DSS Business as Usual
PCI DSS Business as UsualKimberly Simon MBA
 
DS_DCSpecs_Jacksonville_121115
DS_DCSpecs_Jacksonville_121115DS_DCSpecs_Jacksonville_121115
DS_DCSpecs_Jacksonville_121115Scott Wagner
 
Database security
Database security Database security
Database security Shivnandan Singh
 
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden Williams
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden WilliamsPCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden Williams
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden WilliamsAnton Chuvakin
 
Circuit security
Circuit securityCircuit security
Circuit securityPaperjam_redaction
 
dev.privacy: GDPR in a nutshell - Evan Tedeschi - Codemotion Amsterdam 2018
dev.privacy: GDPR in a nutshell - Evan Tedeschi - Codemotion Amsterdam 2018dev.privacy: GDPR in a nutshell - Evan Tedeschi - Codemotion Amsterdam 2018
dev.privacy: GDPR in a nutshell - Evan Tedeschi - Codemotion Amsterdam 2018Codemotion
 
Data Security
Data SecurityData Security
Data SecurityqmsWrapper
 
ControlCase Data Discovery and PCI DSS
ControlCase Data Discovery and PCI DSSControlCase Data Discovery and PCI DSS
ControlCase Data Discovery and PCI DSSControlCase
 
Data Discovery and PCI DSS
Data Discovery and PCI DSSData Discovery and PCI DSS
Data Discovery and PCI DSSControlCase
 

Más contenido relacionado

La actualidad más candente

Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteOracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteEdgar Alejandro Villegas
 
Data Sanitization and Disposal: Best Practices
Data Sanitization and Disposal: Best PracticesData Sanitization and Disposal: Best Practices
Data Sanitization and Disposal: Best PracticesAvritek
 
Data Sanitization: What, Why, When and How?
Data Sanitization: What, Why, When and How?Data Sanitization: What, Why, When and How?
Data Sanitization: What, Why, When and How?Baltimax
 
PCI DSS Basics - The Twelve Steps
PCI DSS Basics - The Twelve StepsPCI DSS Basics - The Twelve Steps
PCI DSS Basics - The Twelve StepsTerra Verde
 
Data Sanitization: When, Why & How
Data Sanitization: When, Why & How Data Sanitization: When, Why & How
Data Sanitization: When, Why & How Blancco
 
Spirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton ChuvakinSpirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton ChuvakinAnton Chuvakin
 
Webinar - PCI DSS Merchant Levels validations and applicable
Webinar - PCI DSS Merchant Levels validations and applicableWebinar - PCI DSS Merchant Levels validations and applicable
Webinar - PCI DSS Merchant Levels validations and applicableVISTA InfoSec
 
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAININGPCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAININGhimalya sharma
 
Best Practices for implementing Database Security Comprehensive Database Secu...
Best Practices for implementing Database Security Comprehensive Database Secu...Best Practices for implementing Database Security Comprehensive Database Secu...
Best Practices for implementing Database Security Comprehensive Database Secu...Kal BO
 
PCI DSS v3 - Protecting Cardholder data
PCI DSS v3 - Protecting Cardholder dataPCI DSS v3 - Protecting Cardholder data
PCI DSS v3 - Protecting Cardholder dataInMobi Technology
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full pptShahbaz Khan
 
Card fraud and compliance training
Card fraud and compliance trainingCard fraud and compliance training
Card fraud and compliance trainingethnos
 
DS_DCSpecs_Jacksonville_121115
DS_DCSpecs_Jacksonville_121115DS_DCSpecs_Jacksonville_121115
DS_DCSpecs_Jacksonville_121115Scott Wagner
 
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden Williams
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden WilliamsPCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden Williams
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden WilliamsAnton Chuvakin
 
dev.privacy: GDPR in a nutshell - Evan Tedeschi - Codemotion Amsterdam 2018
dev.privacy: GDPR in a nutshell - Evan Tedeschi - Codemotion Amsterdam 2018dev.privacy: GDPR in a nutshell - Evan Tedeschi - Codemotion Amsterdam 2018
dev.privacy: GDPR in a nutshell - Evan Tedeschi - Codemotion Amsterdam 2018Codemotion
 

La actualidad más candente (20)

Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteOracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
 
Data Sanitization and Disposal: Best Practices
Data Sanitization and Disposal: Best PracticesData Sanitization and Disposal: Best Practices
Data Sanitization and Disposal: Best Practices
 
Data Sanitization: What, Why, When and How?
Data Sanitization: What, Why, When and How?Data Sanitization: What, Why, When and How?
Data Sanitization: What, Why, When and How?
 
PCI DSS Basics - The Twelve Steps
PCI DSS Basics - The Twelve StepsPCI DSS Basics - The Twelve Steps
PCI DSS Basics - The Twelve Steps
 
Data Sanitization: When, Why & How
Data Sanitization: When, Why & How Data Sanitization: When, Why & How
Data Sanitization: When, Why & How
 
Spirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton ChuvakinSpirit of PCI DSS by Dr. Anton Chuvakin
Spirit of PCI DSS by Dr. Anton Chuvakin
 
Webinar - PCI DSS Merchant Levels validations and applicable
Webinar - PCI DSS Merchant Levels validations and applicableWebinar - PCI DSS Merchant Levels validations and applicable
Webinar - PCI DSS Merchant Levels validations and applicable
 
Q radar pci-v2-matrix
Q radar pci-v2-matrixQ radar pci-v2-matrix
Q radar pci-v2-matrix
 
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAININGPCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
 
Best Practices for implementing Database Security Comprehensive Database Secu...
Best Practices for implementing Database Security Comprehensive Database Secu...Best Practices for implementing Database Security Comprehensive Database Secu...
Best Practices for implementing Database Security Comprehensive Database Secu...
 
PCI DSS v3 - Protecting Cardholder data
PCI DSS v3 - Protecting Cardholder dataPCI DSS v3 - Protecting Cardholder data
PCI DSS v3 - Protecting Cardholder data
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full ppt
 
Card fraud and compliance training
Card fraud and compliance trainingCard fraud and compliance training
Card fraud and compliance training
 
PCI DSS Business as Usual
PCI DSS Business as UsualPCI DSS Business as Usual
PCI DSS Business as Usual
 
DS_DCSpecs_Jacksonville_121115
DS_DCSpecs_Jacksonville_121115DS_DCSpecs_Jacksonville_121115
DS_DCSpecs_Jacksonville_121115
 
Database security
Database security Database security
Database security
 
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden Williams
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden WilliamsPCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden Williams
PCI DSS Done RIGHT and WRONG by Anton Chuvakin and Branden Williams
 
Circuit security
Circuit securityCircuit security
Circuit security
 
dev.privacy: GDPR in a nutshell - Evan Tedeschi - Codemotion Amsterdam 2018
dev.privacy: GDPR in a nutshell - Evan Tedeschi - Codemotion Amsterdam 2018dev.privacy: GDPR in a nutshell - Evan Tedeschi - Codemotion Amsterdam 2018
dev.privacy: GDPR in a nutshell - Evan Tedeschi - Codemotion Amsterdam 2018
 
Data Security
Data SecurityData Security
Data Security
 

Similar a Data Discovery and PCI DSS

ControlCase Data Discovery and PCI DSS
ControlCase Data Discovery and PCI DSSControlCase Data Discovery and PCI DSS
ControlCase Data Discovery and PCI DSSControlCase
 
Data Discovery and PCI DSS
Data Discovery and PCI DSSData Discovery and PCI DSS
Data Discovery and PCI DSSControlCase
 
Card Data Discovery and PCI DSS
Card Data Discovery and PCI DSSCard Data Discovery and PCI DSS
Card Data Discovery and PCI DSSKimberly Simon MBA
 
PCI DSS and PA DSS Version 3.0 Changes
PCI DSS and PA DSS Version 3.0 Changes PCI DSS and PA DSS Version 3.0 Changes
PCI DSS and PA DSS Version 3.0 Changes ControlCase
 
PCI DSS & PA DSS Version 3.0
PCI DSS & PA DSS Version 3.0PCI DSS & PA DSS Version 3.0
PCI DSS & PA DSS Version 3.0ControlCase
 
Pcishrinktofitpresentation 151125162550-lva1-app6891
Pcishrinktofitpresentation 151125162550-lva1-app6891Pcishrinktofitpresentation 151125162550-lva1-app6891
Pcishrinktofitpresentation 151125162550-lva1-app6891Risk Crew
 
PCI DSS & PA DSS Version 3.0 Changes Webinar
PCI DSS & PA DSS Version 3.0 Changes WebinarPCI DSS & PA DSS Version 3.0 Changes Webinar
PCI DSS & PA DSS Version 3.0 Changes WebinarControlCase
 
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008Denny Lee
 
Rightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public CloudRightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public CloudRightScale
 
Don’t Get Caught in a PCI Pickle: Meet Compliance and Protect Payment Card Da...
Don’t Get Caught in a PCI Pickle: Meet Compliance and Protect Payment Card Da...Don’t Get Caught in a PCI Pickle: Meet Compliance and Protect Payment Card Da...
Don’t Get Caught in a PCI Pickle: Meet Compliance and Protect Payment Card Da...DataStax
 
PCI DSS and PA DSS Compliance
PCI DSS and PA DSS CompliancePCI DSS and PA DSS Compliance
PCI DSS and PA DSS ComplianceControlCase
 
Data Services Marketplace
Data Services MarketplaceData Services Marketplace
Data Services MarketplaceDenodo
 
Aligning Application Security to Compliance
Aligning Application Security to ComplianceAligning Application Security to Compliance
Aligning Application Security to ComplianceSecurity Innovation
 
Tizor_Data-Best-Practices.ppt
Tizor_Data-Best-Practices.pptTizor_Data-Best-Practices.ppt
Tizor_Data-Best-Practices.pptwebhostingguy
 

Similar a Data Discovery and PCI DSS (20)

ControlCase Data Discovery and PCI DSS
ControlCase Data Discovery and PCI DSSControlCase Data Discovery and PCI DSS
ControlCase Data Discovery and PCI DSS
 
Data Discovery and PCI DSS
Data Discovery and PCI DSSData Discovery and PCI DSS
Data Discovery and PCI DSS
 
Card Data Discovery and PCI DSS
Card Data Discovery and PCI DSSCard Data Discovery and PCI DSS
Card Data Discovery and PCI DSS
 
Data Discovery and PCI DSS
Data Discovery and PCI DSSData Discovery and PCI DSS
Data Discovery and PCI DSS
 
PCI DSS and PA DSS
PCI DSS and PA DSSPCI DSS and PA DSS
PCI DSS and PA DSS
 
PCI DSS and PA DSS Version 3.0 Changes
PCI DSS and PA DSS Version 3.0 Changes PCI DSS and PA DSS Version 3.0 Changes
PCI DSS and PA DSS Version 3.0 Changes
 
PCI DSS & PA DSS Version 3.0
PCI DSS & PA DSS Version 3.0PCI DSS & PA DSS Version 3.0
PCI DSS & PA DSS Version 3.0
 
Pcishrinktofitpresentation 151125162550-lva1-app6891
Pcishrinktofitpresentation 151125162550-lva1-app6891Pcishrinktofitpresentation 151125162550-lva1-app6891
Pcishrinktofitpresentation 151125162550-lva1-app6891
 
PCI DSS and PA DSS
PCI DSS and PA DSSPCI DSS and PA DSS
PCI DSS and PA DSS
 
PCI DSS & PA DSS Version 3.0 Changes Webinar
PCI DSS & PA DSS Version 3.0 Changes WebinarPCI DSS & PA DSS Version 3.0 Changes Webinar
PCI DSS & PA DSS Version 3.0 Changes Webinar
 
PCI DSS and PA DSS Compliance
PCI DSS and PA DSS CompliancePCI DSS and PA DSS Compliance
PCI DSS and PA DSS Compliance
 
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
SQLCAT: Addressing Security and Compliance Issues with SQL Server 2008
 
PCI DSS Compliance
PCI DSS CompliancePCI DSS Compliance
PCI DSS Compliance
 
Rightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public CloudRightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public Cloud
 
Don’t Get Caught in a PCI Pickle: Meet Compliance and Protect Payment Card Da...
Don’t Get Caught in a PCI Pickle: Meet Compliance and Protect Payment Card Da...Don’t Get Caught in a PCI Pickle: Meet Compliance and Protect Payment Card Da...
Don’t Get Caught in a PCI Pickle: Meet Compliance and Protect Payment Card Da...
 
PCI DSS and PA DSS Compliance
PCI DSS and PA DSS CompliancePCI DSS and PA DSS Compliance
PCI DSS and PA DSS Compliance
 
Data Services Marketplace
Data Services MarketplaceData Services Marketplace
Data Services Marketplace
 
Aligning Application Security to Compliance
Aligning Application Security to ComplianceAligning Application Security to Compliance
Aligning Application Security to Compliance
 
PCI DSSand PA DSS
PCI DSSand PA DSSPCI DSSand PA DSS
PCI DSSand PA DSS
 
Tizor_Data-Best-Practices.ppt
Tizor_Data-Best-Practices.pptTizor_Data-Best-Practices.ppt
Tizor_Data-Best-Practices.ppt
 

Más de ControlCase

Maintaining Data Privacy with Ashish Kirtikar
Maintaining Data Privacy with Ashish KirtikarMaintaining Data Privacy with Ashish Kirtikar
Maintaining Data Privacy with Ashish KirtikarControlCase
 
PCI DSS v4 - ControlCase Update Webinar Final.pdf
PCI DSS v4 - ControlCase Update Webinar Final.pdfPCI DSS v4 - ControlCase Update Webinar Final.pdf
PCI DSS v4 - ControlCase Update Webinar Final.pdfControlCase
 
ISO 27001 2002 Update Webinar.pdf
ISO 27001 2002 Update Webinar.pdfISO 27001 2002 Update Webinar.pdf
ISO 27001 2002 Update Webinar.pdfControlCase
 
Integrated Compliance Webinar.pptx
Integrated Compliance Webinar.pptxIntegrated Compliance Webinar.pptx
Integrated Compliance Webinar.pptxControlCase
 
2022-Q2-Webinar-ISO_Spanish_Final.pdf
2022-Q2-Webinar-ISO_Spanish_Final.pdf2022-Q2-Webinar-ISO_Spanish_Final.pdf
2022-Q2-Webinar-ISO_Spanish_Final.pdfControlCase
 
French PCI DSS v4.0 Webinaire.pdf
French PCI DSS v4.0 Webinaire.pdfFrench PCI DSS v4.0 Webinaire.pdf
French PCI DSS v4.0 Webinaire.pdfControlCase
 
DFARS CMMC SPRS NIST 800-171 Explainer.pdf
DFARS CMMC SPRS NIST 800-171 Explainer.pdfDFARS CMMC SPRS NIST 800-171 Explainer.pdf
DFARS CMMC SPRS NIST 800-171 Explainer.pdfControlCase
 
Webinar-MSP+ Cyber Insurance Fina.pptx
Webinar-MSP+ Cyber Insurance Fina.pptxWebinar-MSP+ Cyber Insurance Fina.pptx
Webinar-MSP+ Cyber Insurance Fina.pptxControlCase
 
2022-Q3-Webinar-PPT-DataProtectionByDesign.pdf
2022-Q3-Webinar-PPT-DataProtectionByDesign.pdf2022-Q3-Webinar-PPT-DataProtectionByDesign.pdf
2022-Q3-Webinar-PPT-DataProtectionByDesign.pdfControlCase
 
Webinar-Spanish-PCI DSS-4.0.pdf
Webinar-Spanish-PCI DSS-4.0.pdfWebinar-Spanish-PCI DSS-4.0.pdf
Webinar-Spanish-PCI DSS-4.0.pdfControlCase
 
2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdf2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdfControlCase
 
PCI DSS 4.0 Webinar Final.pptx
PCI DSS 4.0 Webinar Final.pptxPCI DSS 4.0 Webinar Final.pptx
PCI DSS 4.0 Webinar Final.pptxControlCase
 
Webinar - CMMC Certification.pptx
Webinar - CMMC Certification.pptxWebinar - CMMC Certification.pptx
Webinar - CMMC Certification.pptxControlCase
 
HITRUST Certification
HITRUST CertificationHITRUST Certification
HITRUST CertificationControlCase
 
CMMC Certification
CMMC CertificationCMMC Certification
CMMC CertificationControlCase
 
FedRAMP Certification & FedRAMP Marketplace
FedRAMP Certification & FedRAMP MarketplaceFedRAMP Certification & FedRAMP Marketplace
FedRAMP Certification & FedRAMP MarketplaceControlCase
 
SOC 2 Compliance and Certification
SOC 2 Compliance and CertificationSOC 2 Compliance and Certification
SOC 2 Compliance and CertificationControlCase
 
PCI DSS Compliance Checklist
PCI DSS Compliance ChecklistPCI DSS Compliance Checklist
PCI DSS Compliance ChecklistControlCase
 
OneAudit™ - Assess Once, Certify to Many
OneAudit™ - Assess Once, Certify to ManyOneAudit™ - Assess Once, Certify to Many
OneAudit™ - Assess Once, Certify to ManyControlCase
 
Continuous Compliance Monitoring
Continuous Compliance MonitoringContinuous Compliance Monitoring
Continuous Compliance MonitoringControlCase
 

Más de ControlCase (20)

Maintaining Data Privacy with Ashish Kirtikar
Maintaining Data Privacy with Ashish KirtikarMaintaining Data Privacy with Ashish Kirtikar
Maintaining Data Privacy with Ashish Kirtikar
 
PCI DSS v4 - ControlCase Update Webinar Final.pdf
PCI DSS v4 - ControlCase Update Webinar Final.pdfPCI DSS v4 - ControlCase Update Webinar Final.pdf
PCI DSS v4 - ControlCase Update Webinar Final.pdf
 
ISO 27001 2002 Update Webinar.pdf
ISO 27001 2002 Update Webinar.pdfISO 27001 2002 Update Webinar.pdf
ISO 27001 2002 Update Webinar.pdf
 
Integrated Compliance Webinar.pptx
Integrated Compliance Webinar.pptxIntegrated Compliance Webinar.pptx
Integrated Compliance Webinar.pptx
 
2022-Q2-Webinar-ISO_Spanish_Final.pdf
2022-Q2-Webinar-ISO_Spanish_Final.pdf2022-Q2-Webinar-ISO_Spanish_Final.pdf
2022-Q2-Webinar-ISO_Spanish_Final.pdf
 
French PCI DSS v4.0 Webinaire.pdf
French PCI DSS v4.0 Webinaire.pdfFrench PCI DSS v4.0 Webinaire.pdf
French PCI DSS v4.0 Webinaire.pdf
 
DFARS CMMC SPRS NIST 800-171 Explainer.pdf
DFARS CMMC SPRS NIST 800-171 Explainer.pdfDFARS CMMC SPRS NIST 800-171 Explainer.pdf
DFARS CMMC SPRS NIST 800-171 Explainer.pdf
 
Webinar-MSP+ Cyber Insurance Fina.pptx
Webinar-MSP+ Cyber Insurance Fina.pptxWebinar-MSP+ Cyber Insurance Fina.pptx
Webinar-MSP+ Cyber Insurance Fina.pptx
 
2022-Q3-Webinar-PPT-DataProtectionByDesign.pdf
2022-Q3-Webinar-PPT-DataProtectionByDesign.pdf2022-Q3-Webinar-PPT-DataProtectionByDesign.pdf
2022-Q3-Webinar-PPT-DataProtectionByDesign.pdf
 
Webinar-Spanish-PCI DSS-4.0.pdf
Webinar-Spanish-PCI DSS-4.0.pdfWebinar-Spanish-PCI DSS-4.0.pdf
Webinar-Spanish-PCI DSS-4.0.pdf
 
2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdf2022 Webinar - ISO 27001 Certification.pdf
2022 Webinar - ISO 27001 Certification.pdf
 
PCI DSS 4.0 Webinar Final.pptx
PCI DSS 4.0 Webinar Final.pptxPCI DSS 4.0 Webinar Final.pptx
PCI DSS 4.0 Webinar Final.pptx
 
Webinar - CMMC Certification.pptx
Webinar - CMMC Certification.pptxWebinar - CMMC Certification.pptx
Webinar - CMMC Certification.pptx
 
HITRUST Certification
HITRUST CertificationHITRUST Certification
HITRUST Certification
 
CMMC Certification
CMMC CertificationCMMC Certification
CMMC Certification
 
FedRAMP Certification & FedRAMP Marketplace
FedRAMP Certification & FedRAMP MarketplaceFedRAMP Certification & FedRAMP Marketplace
FedRAMP Certification & FedRAMP Marketplace
 
SOC 2 Compliance and Certification
SOC 2 Compliance and CertificationSOC 2 Compliance and Certification
SOC 2 Compliance and Certification
 
PCI DSS Compliance Checklist
PCI DSS Compliance ChecklistPCI DSS Compliance Checklist
PCI DSS Compliance Checklist
 
OneAudit™ - Assess Once, Certify to Many
OneAudit™ - Assess Once, Certify to ManyOneAudit™ - Assess Once, Certify to Many
OneAudit™ - Assess Once, Certify to Many
 
Continuous Compliance Monitoring
Continuous Compliance MonitoringContinuous Compliance Monitoring
Continuous Compliance Monitoring
 

Último

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 

Último (20)

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

Data Discovery and PCI DSS

  • 1. Data Discovery and PCI DSS By Kishor Vaswani, CEO - ControlCase
  • 2. Agenda • About Data Discovery • PCI DSS Requirements and need for Data Discovery in the context of PCI DSS • Challenges in the Data Discovery space • Q&A 1
  • 4. Current Technology Environment • Servers – Windows, Unix etc. • Databases – SQL Server, Oracle etc. • Email • File systems 2
  • 5. What is Data Discovery • Ability to identify and pinpoint sensitive data across › File Shares › Servers › Databases › Email › Log files › Etc. 3
  • 6. Why is it important • GRC focuses on confidentiality, integrity and availability • Confidentiality is always focused on “Data” • Data that is sensitive must be protected, however the first step of that is to know where the data resides • Hence, it is important to identify where sensitive data resides 4
  • 7. PCI DSS Requirements and Data Discovery
  • 8. What is PCI DSS? Payment Card Industry Data Security Standard: • Guidelines for securely processing, storing, or transmitting payment card account data • Established by leading payment card issuers • Maintained by the PCI Security Standards Council (PCI SSC) 5
  • 9. PCI DSS Requirements Control Objectives Requirements Build and maintain a secure network 1. Install and maintain a firewall configuration to protect cardholder data 2. Do not use vendor-supplied defaults for system passwords and other security parameters Protect cardholder data 3. Protect stored cardholder data 4. Encrypt transmission of cardholder data across open, public networks Maintain a vulnerability management program 5. Use and regularly update anti-virus software on all systems commonly affected by malware 6. Develop and maintain secure systems and applications Implement strong access control measures 7. Restrict access to cardholder data by business need-to-know 8. Assign a unique ID to each person with computer access 9. Restrict physical access to cardholder data Regularly monitor and test networks 10. Track and monitor all access to network resources and cardholder data 11. Regularly test security systems and processes Maintain an information security policy 12. Maintain a policy that addresses information security 6
  • 10. Protect Stored Cardholder Data You must ensure stored data is encrypted and protected. 7
  • 11. PCI Council Advisory… • Importance of Updating Scope for PCI DSS Assessments There have been a number of high profile data compromises in the press recently. These reports serve as a daily reminder of the damage caused by compromises and of the need to keep business environments secure. Businesses evolve and change over time, and the scope of an entity's cardholder data environment must be reviewed and verified each time a PCI DSS assessment is undertaken. As has always been the case, many compromises are the result of businesses having data they weren't aware of. Please remember that scoping an assessment includes verifying that no cardholder data exists outside of the defined cardholder data environment. By ensuring the scope of an assessment is appropriate, the risk of data compromise is greatly reduced - a benefit to everyone involved. 8
  • 12. Challenges in Data Discovery
  • 13. Challenges • Deployment and agents › Can get expensive › Technologically complicated › Long deployment cycles › Databases are a challenge • False Positives › Luhn’s formula narrows down but is not full proof › Many schemes use Luhn’s formula to generate numbers › Separators and delimiters change 9
  • 14. Challenges • Performance within production environments › Database load › Large number of records in databases › Active directory scanning › Emails storing cardholder data • Tokenization › Differentiation between tokens and real card numbers • Exclusions › Directories › Files › Extension types › Tables/Columns 10
  • 15. Features to look for – Agentless/Credential Based 11
  • 16. Features to look for – Database Search Capability 12
  • 17. Features to look for – Remediation support 13
  • 18. Features to look for – Delimiter definition 14
  • 19. Features to look for – Performance tuning 15
  • 20. Features to look for – Token exclusion capability 16
  • 21. Features to look for – File/Directory Exclusion 17
  • 22. Why Choose ControlCase? • Global Reach › Serving more than 400 clients in 40 countries and rapidly growing • Certified Resources › PCI DSS Qualified Security Assessor (QSA) › QSA for Point-to-Point Encryption (QSA P2PE) › Certified ASV vendor 18
  • 23. To Learn More About PCI Compliance or Data Discovery… 19 • Visit www.controlcase.com • Call +1 703 483 6383 (North America) • Call +57 1 678 3716 (South America) • Call +44 1276 686 048 (Europe) • Call +971 4440 5958 (Middle East & Africa) • Call +91 982 029 3399 (Asia Pacific) • Kishor Vaswani (CEO) – kvaswani@controlcase.com
  • 24. Thank You for Your Time