ScriptLogic.com: Windows Management…Point, Click, Done

Solutions
Compliance Center
  FDCC
  SOX
  HIPAA
  FISMA
  GLBA
  ITIL
  COBIT
  NIST 800-53 / FIPS 200
  ISO 17799
  PCI
Home » Solutions » Compliance » PCI Data Security Standard Solutions

PCI Data Security Standard


The Standard

The Payment Card Industry (PCI) Data Security Standard was developed by the PCI Security Standards Council, an independent council established by the five leading payment brands, to manage the PCI Data Security Standard. The standard provides a simple, and yet effective, six-step process for securing a network containing cardholder data. Its overall goal is to establish, maintain and continually test the security of the network to ensure cardholder information remains secure.


The Challenge

PCI’s effect on IT requires that an organization must secure all information related to cardholders, regardless of the location of the data. This means that to be PCI compliant, organizations must take steps to prevent inappropriate access to cardholder data by putting into place both proactive and reactive controls over IT systems.


The Solution

ScriptLogic solutions can assist in bringing every aspect of an organization’s Windows network into compliance in the areas of Active Directory, server and desktop security. The following actions can be performed with ScriptLogic solutions to meet PCI control objectives:

Manage Desktop Security
Desktop Authority is used to configure the Windows XP Firewall, protect against known vulnerabilities in the form of Spyware, as well as patching Microsoft and select third-party solutions on the desktop. Desktop Authority also is used to preserve physical security by locking the desktop of inactive users after they have left a workstation.
Manage Services
PCI mandates that passwords be secured which includes Windows service accounts. Additionally unused services can be disabled to further enhance security. Both can be accomplished with Security Explorer.
Ensure Proper Permissions in Active Directory
Active Administrator generates reports on Active Directory permissions, which can be used to identify inappropriate permissions. Permissions can be delegated with self-healing Active Templates, making assignment of permissions specific, consistent and enforced.
Comprehensive Windows Security Reporting
Enterprise Security Reporter gives insight into the security settings on NTFS, Shares, and Registries, while Active Administrator details the security settings in Active Directory. Additionally, Security Explorer can be used to provide reporting on just NTFS permissions. Each of these tools can be used to provide consistent and timely reporting covering critical security areas.
Audit File System Activity
Centrally monitor, report and alert on all file system activity with File System Auditor.
Audit Changes in Active Directory
Audit, report and notify on any change in Active Directory, such as password resets, group membership changes or Group Policy management with Active Administrator.
 White Papers
Implementing Payment Card Industry Compliance Controls with ScriptLogic

 Related Products
Desktop Authority
Active Administrator
Enterprise Security Reporter
Security Explorer
File System Auditor
Patch Deployment for Desktops

 Regulatory Resources
Payment Card Industry Data Security Standard

Home | Solutions | Products | Where to Buy | Support | Partners | Company
Active Administrator | Desktop Authority | Desktop Authority Image Center | BridgeTrak | Desktop Authority RM Gateway | Enterprise Security Reporter | File System Auditor | LiteSpeed
MSI Studio | Patch Authority Ultimate | Secure Copy | Security Explorer
Active Directory Management | Application Deployment | Desktop Management | Server Management | Software Inventory
Copyright ©2008 ScriptLogic Corporation | Terms of Use | Privacy Policy | Anti-Piracy Information | Site Map