Credit card data discovery
Credit card data discovery
Become PCI compliant with less effort – Find credit card data before others do
While e-commerce continues to grow, so too does the risk of fraud and data breaches, placing more emphasis upon organisations to defend against this risk and avoid potential financial losses. Not many businesses understand the value (and risk) of handling credit cardholder data until it’s too late – usually once the data has been stolen and the business is held responsible (and potentially liable) for the losses incurred. More often than not companies have no visibility of large quantities of unprotected data that is inadvertently stored on their systems. This is a significant business risk. Detecting and then managing this legacy data is a business imperative if companies want to comply with the Payment Card Industries Data Security Standards (PCI DSS). Once you have started using data discovery software, you have effectively reduced the cost and complexity of achieving and maintaining PCI DSS compliance. In many respects, our software acts as an early warning system, as it alerts key stakeholders to the fact that unprotected data has been created on their business systems. Understanding your credit card data landscape is the first step on the PCI DSS journey. Our cardholder data discovery software tool audits the storage of credit card data within your company network. It is a centralised PCI compliant management platform for identifying the storage of sensitive payment card data across organisations of all sizes. If you are looking to achieve and/or maintain PCI DSS Compliance this tool can reduce the costs, risks, and lead times associated with PCI compliance.
Simple Requires no advanced computer knowledge to use as it has an intuitive user interface, you can begin a full-featured cardholder data discovery search with no configuration or fine-tuning. It can be run by users of any level and requires little or no configuration in order to conduct a scan. This offers the ability for organisations to empower non-IT staff to perform scans of desktops or departmental service in order to verify security or otherwise of card storage practices. Powerful Every file on a computer is thoroughly scanned for cardholder data including any unencrypted (non-compliant) cardholder data within documents, emails, databases, log files and a wide variety of other storage formats. Searches everything: desktops, file servers, email servers, database servers, images, audio files, documents and more. If cardholder data is hiding, we will find it. Compatible Supported on 8 major software platforms commonly used to handle cardholder data including almost all offline and online storage locations, workstations, file servers, NAS and SAN devices, Exchange, Gmail, Lotus Notes, Oracle, Amazon AWS Cloud and more. Trustworthy Trusted by merchants, financial institutions and QSAs, it is the tool of choice for over 300 QSA’s and more than 2,500 merchants across 80 countries. Simplified PCI Compliance Reporting Reports specify the file, document, email and/or database table where cardholder data was found, so you can directly target problem areas and secure them. Reports can be exported in PDF, CSV, XML and raw text formats. Users benefit from clear easy to read results both on-screen and within compliance reports. The interface design is both intuitive yet simple allowing any findings to be reviewed and resolved. Powerful Remediation What happens after it completes a search? The software lets you easily remediate findings, ensuring that sensitive data can be redacted, quarantined or permanently deleted. Low CPU Usage Uses only minimal CPU resources and memory. It is designed to minimise any impact on users or production applications, so there is no need to schedule downtime. Production System Safe Given most systems that form part of PCI compliance scope are production in nature, the software is designed to be highly efficient in its allocation and usage of resources thereby making it safe for deployment within production environments. Facilitate PCI QSA on-site reviews faster Compliance reports can be used to show evidence to QSA’s of compliant storage practices therefore reducing the need for further manual review of in-scope systems. Saves you time and money.
Data Recon is a sensitive data discovery tool that assists companies to comply with Australian privacy laws and other compliance requirements by finding Personally Identifiable Information (PII) including Social Security Numbers (SSNs), Tax File Numbers (TFNs), passport numbers, national ID numbers, Medicare information, personal names, addresses and more.
Data Recon can be used to search for sensitive personal information on servers, workstations, and other supported storage devices to help you avoid becoming the next privacy data breach headline.
Please contact us to discuss your eCommerce or PCI DSS compliance requirements.