Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
6 ways reduce pci dss audit scope tokenizing cardholder data
1. Interested in learning
more about security?
SANS Institute
InfoSec Reading Room
This paper is from the SANS Institute Reading Room site. Reposting is not permitted without express written permission.
Six Ways to Reduce PCI DSS Audit Scope by
Tokenizing Cardholder data
Enterprises are seeking ways to simplify and reduce the scope of the Payment Card industry's data
security standard (PCi dss) compliance by shrinking the footprint where cardholder data is located
throughout their organization. By reducing the scope, these enterprises can dramatically lower the cost and
anxiety of PCi dss compliance and significantly increase the chance of audit success. Compliance with
the PCi dss is a combination of documented best practices and technology solutions that protect ca...
Copyright SANS Institute
Author Retains Full Rights
AD
2. A NUBRIDGES WHITE PAPER
Six Ways to Reduce PCI DSS Audit Scope
by Tokenizing Cardholder Data
Enterprises are seeking ways to simplify and reduce the scope of the Payment Card Industry’s
Data Security Standard (PCI DSS) compliance by shrinking the footprint where cardholder
data is located throughout their organization. By reducing the scope, these enterprises can
dramatically lower the cost and anxiety of PCI DSS compliance and signi cantly increase the
chance of audit success.
Compliance with the PCI DSS is a combination of documented best practices and technology
solutions that protect cardholder data across the enterprise. This paper explores the use of
tokenization as a best practice in improving the security of credit card transactions, while at the
same time minimizing the cost and complexity of PCI DSS compliance by reducing audit scope.
10. Last Updated: October 17th, 2012
Upcoming SANS Training
Click Here for a full list of all Upcoming SANS Events by Location
SANS Chicago 2012 Chicago, ILUS Oct 27, 2012 - Nov 05, Live Event
2012
SANS South Africa 2012 Johannesburg, ZA Oct 29, 2012 - Nov 06, Live Event
2012
SANS Bangalore 2012 Bangalore, IN Oct 29, 2012 - Nov 03, Live Event
2012
SANS Tokyo Autumn 2012 Tokyo, JP Nov 05, 2012 - Nov 10, Live Event
2012
SANS Korea 2012 Seoul, KR Nov 05, 2012 - Nov 13, Live Event
2012
FOR526 Beta Denver, COUS Nov 05, 2012 - Nov 09, Live Event
2012
SANS San Diego 2012 San Diego, CAUS Nov 12, 2012 - Nov 17, Live Event
2012
SANS Sydney 2012 Sydney, AU Nov 12, 2012 - Nov 20, Live Event
2012
SANS London 2012 London, GB Nov 26, 2012 - Dec 03, Live Event
2012
SANS San Antonio 2012 San Antonio, TXUS Nov 27, 2012 - Dec 02, Live Event
2012
European SCADA and Process Control System Security Barcelona, ES Dec 05, 2012 - Dec 11, Live Event
Summit 2012
SANS
2012 Cyber Defense Initiative 2012 Washington, DCUS Dec 07, 2012 - Dec 16, Live Event
2012
SANS Egypt 2012 Cairo, EG Dec 08, 2012 - Dec 20, Live Event
2012
Mobile Device Security Summit 2013 Anaheim, CAUS Jan 07, 2013 - Jan 14, Live Event
2013
Virtualization and Cloud Computing Summit 2013 Anaheim, CAUS Jan 07, 2013 - Jan 14, Live Event
2013
SEC528: SANS Training Program for the CompTIA New Washington, DCUS Jan 07, 2013 - Jan 11, Live Event
Advanced Security Practitioner Certification 2013
SANS Security East 2013 New Orleans, LAUS Jan 16, 2013 - Jan 23, Live Event
2013
SANS South Africa 2012 - Cape Town OnlineZA Oct 26, 2012 - Oct 27, Live Event
2012
SANS OnDemand Books & MP3s OnlyUS Anytime Self
Paced