PCI compliance : understand and implement effective PCI data security standard compliance. (2022)
- Record Type:
- Book
- Title:
- PCI compliance : understand and implement effective PCI data security standard compliance. (2022)
- Main Title:
- PCI compliance : understand and implement effective PCI data security standard compliance.
- Authors:
- Williams, Branden R
- Adamson, James
- Contents:
- 1. About PCI and This Book Who should read the book? How to Use the Book in Your Daily Job. What This Book is Not. How to use this book? Organization of the Book. Summary. 2. Introduction to Fraud, ID Theft, and Regulatory Mandates Summary 3. Why is PCI Here? What is PCI DSS and Who Must Comply? Electronic Card Payment Ecosystem. Goal of PCI DSS. Applicability of PCI DSS. PCI DSS in Depth. Quick Overview of PCI Requirements. What’s New in PCI DSS 4.0. PCI DSS and Risk. Benefits of Compliance. Case Study. Summary. 4. Determining AND Reducing Your PCI Scope The Basics of PCI DSS Scoping. The "Gotchas" of PCI Scope. Scope Reduction Tips. Planning your PCI Project. Case Study. Summary. 5. Building and Maintaining a Secure Network Which PCI DSS Requirements Are in This Domain? What Else Can You Do to Be Secure? Tools & Best Practices. Common Mistakes & Pitfalls. Case Study. Summary. 6. Strong Access Controls Which PCI DSS Requirements Are in This Domain? What Else Can You Do to Be Secure? Tools & Best Practices. Common Mistakes & Pitfalls. Case Study. Summary. 7. Protect Cardholder Data What is Data Protection and Why is it Needed? Requirements Addressed in This Chapter. Requirement 3: Protect Stored Account Data. Requirement 3 Walk-Through. What Else Can You Do to Be Secure? Requirement 4 Walk-Through. Requirement 12 Walk-Through. How to Become Compliant and Secure. Common Mistakes and Pitfalls. Case Study. Summary. 8. Using Wireless Networking What is Wireless Network Security? Where is Wireless Network Security in PCI DSS? Why Do We Need Wireless Network Security? Tools and Best Practices. Common Mistakes and Pitfalls. Case Study. Summary. 9. Vulnerability Management and Testing PCI DSS Requirements Covered. Vulnerability Management in PCI DSS. PCI DSS Requirement 5 Walk-Through. PCI DSS Requirement 6 Walk-Through. PCI DSS Requirement 11 Walk-Through. Internal Vulnerability Scanning. Common PCI Vulnerability Management Mistakes. Case Study. Summary. 10. Logging Events and Monitoring the Cardholder Data Environment PCI DSS Requirements Covered. Why Logging and Monitoring in PCI DSS? Logging and Monitoring in Depth. PCI Relevance of Logs. Logging in PCI DSS Requirement 10. Monitoring Data and Logs for Security Issues. Logging and Monitoring in PCI—All Other Requirements. PCI DSS Logging Policies and Procedures. Tools for Logging in PCI. Other Monitoring Tools. Intrusion Detection and Prevention. Integrity Monitoring. Common Mistakes and Pitfalls. 
Case Study. Summary. 11. Cloud and Virtualization Cloud Basics. PCI Cloud Examples. So, Can I Use Cloud Resources in PCI DSS Environments? Containers and Kubernetes. Maintaining and Assessing PCI DSS in the Cloud. Tools and Best Practices. Summary. 12. Mobile Where is it Addressed in PCI DSS 4.0? What Guidance Is Available? Deploying the Technology Safely. Case Study. Summary. 13. PCI DSS for the Small Business The Risks of Credit Card Acceptance. New Business Considerations. Your POS is Like My POS! A Basic Scheme for SMB Technology Hardening. Case Study. Summary 14. PCI DSS for the Service Provider Why do Service Providers have More Requirements? Variation on a Theme, or What Service Providers Should Care About. Service Provider Specific Requirements. Case Study. Summary. 15. Managing a PCI DSS Project to Achieve Compliance Justifying a Business Case for Compliance. Bringing the Key Players to the Table. Budgeting Time and Resources. Educate Staff. Project QuickStart Guide. The PCI SSC Prioritized Approach. The Visa TIP (maybe remove this as a subhead). Summary. 16. Don’t Fear the Assessor Remember, Assessors are Generally There to Help. Dealing with Assessors’ Mistakes. Planning for Remediation. Planning for Re-assessing. Summary 17. The Art of Compensating Control What is a Compensating Control? Where are Compensating Controls in PCI DSS? What a Compensating Control is Not. Funny Controls You Didn’t Design. How to Create a Good Compensating Control. Case Studies. Summary 18. You’re Compliant, Now What? Security is a Process, Not an Event. Plan for Periodic Review and Training. PCI Requirements with Periodic Maintenance. PCI Self-Assessment. Case Study. Summary. 19. Emerging Technology and Alternative Payment Schemes Emerging Payment Schemes. Predictions. Taxonomy and Tidbits. Case Study. Summary. 20. PCI DSS Myths and Misconceptions Myth #1 PCI Doesn’t Apply to Me. Myth #2 PCI is Confusing and Ambiguous. Myth #3 PCI DSS is Too Onerous. 
Myth #4 Breaches Prove PCI DSS Irrelevant. Myth #5 PCI is All We Need for Security. Myth #6 PCI DSS is Really Easy. Myth #7 My Tool is PCI Compliant Thus I Am Compliant. Myth #8 PCI is Toothless. Case Study. Summary. 21. Final Thoughts A Quick Summary. On Time Travel. Interact With Us! …
- Edition:
- Fifth edition
- Publisher Details:
- Boca Raton : CRC Press
- Publication Date:
- 2022
- Extent:
- 1 online resource, illustrations (black and white, and colour)
- Subjects:
- 005.8
- Data protection -- Standards
- Languages:
- English
- ISBNs:
- 9781000822342
- 9781000822328
- Related ISBNs:
- 9780367570026
- 9780367570033
- Notes:
- Note: Includes bibliographical references and index.
- Note: Description based on CIP data; resource not viewed.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.738175
- Ingest File:
- 15_017.xml