Vormetric Announces Detailed CoalFire Guidance on Preparing for PCI DSS 3.0 within AWS
Satisfying PCI DSS 3.0 Controls with the Vormetric Data Security Platform
SAN JOSE, Calif. – March 27, 2014 – Vormetric, a leader in enterprise data security for physical, virtual and cloud environments, today announced that leading PCI-qualified security assessor and independent IT audit firm Coalfire® has released guidance for using Vormetric Data Security Platform to satisfy Payment Card Industry Data Security Standard (PCI DSS) 3.0 requirements in sections 3, 7, 8, 9, 10 & 11. This control mapping and guidance allows Vormetric and Amazon customers around the globe to reap the flexibility and financial advantages afforded by Amazon Web Services offerings, while maintaining confidence in the safe handling of cardholder data (CHD) and in their ability to meet even the most stringent audit requirements.
“PCI DSS 3.0 was published in November 2013 and became effective January first this year. We have found that the Vormetric Data Security Platform with its advanced encryption, key management, logging and access control capabilities for data security satisfies many of the controls spelled out by PCI DSS 3.0 for applicability in both Amazon Web Services and in other environments,” said Noah Weisberger, Coalfire’s Cloud and Virtualization Practice Leader. ”Completing any security or compliance audit can be challenging and PCI compliance audits can be especially difficult for most organizations. Selecting vendors and technologies that can satisfy many requirements across multiple mandates can significantly reduce the efforts required to pass audits, accelerate the compliance process and also assist in reducing implementation costs.”
The PCI DSS standard provides baseline defense-in-depth structure for developing a robust account data security process - including preventing, detecting and reacting to security incidents. However, achieving PCI compliance is far from a simple task. Navigating the current landscape of information systems and adequately fulfilling all 12 of the PCI DSS requirements can quickly become a daunting task. Merchants and service providers are required to validate compliance by assessing their environment against 415 specific test controls. In addition to potentially serious brand reputation issues, failure to meet PCI requirements may lead to fines, penalties, and/or the inability to process credit cards.
“This announcement underscores Vormetric’s continued commitment to invest in Amazon Marketplace ready solutions,” said Sol Cates, Vormetric’s CSO. “Clearly, we support enterprise customers’ growing desire to extend their production applications into AWS. For any enterprise that processes credit card payments, this PCI DSS 3.0 mapping and solution guidance from Coalfire provides important peace of mind. If customers use Vormetric Data Security technology within AWS, they can be confident that their sensitive data is protected.”
Access the complete Coalfire white paper with detailed PCI DSS 3.0 solution guidance for the Vormetric Data Security Platform in AWS here.
Vormetric (@Vormetric) is the industry leader in data security solutions that span physical, virtual and cloud environments. Vormetric helps over 1300 customers, including 17 of the Fortune 25 and many of the world’s most security conscious government organizations, to meet compliance requirements and protect what matters —their sensitive data —from both internal and external threats. The company’s scalable solution protects any file, any database and any application — within enterprise data center, cloud, big data environments — with a high performance, market-leading Vormetric Data Security Platform that incorporates application transparent encryption, access controls and security intelligence. Vormetric – because data can’t defend itself.
Jonathan Mathias / Kasia Murphy
+44 (0)20 7401 7968
VormetricTeam@johnsonking.co.ukVormetric South Korea
+82 2 566 - 8898
Vormetric is a trademark of Vormetric, Inc