PCI Standards: Data Masking and Transformation to Improve Testing Environment
The Payment Card Industry (PCI) Standard applies to all members, merchants and service providers that store, process and transmit credit card information. The PCI Standard also outlines 12 requirements governing secure networks, cardholder data protection and the implementation of strong access controls, particularly in regard to the testing and development environment. The new regulations have left many companies searching for solutions to avoid heavy fines and penalties for data and security breaches.
The PCI Standard specifically requires companies to mask credit card numbers in their test environments and data de-identification allows these companies to meet this requirement. In addition, many other regulations such as the Gramm-Leach-Bliley Act (GLBA) and the Health Insurance Portability and Accountability Act (HIPAA) require data protection in all areas of the enterprise.
|
|
IBM® Optim™ addresses these problems by de-identifying test data, systematically masking or transforming data elements that could be used to identify an individual. Developers and testers can use realistic test data and produce valid test results, while still complying with privacy protection rules. Optim’s
Data Privacy Transformation Library supports generating valid,
masked values to de-identify some of the most important customer
information, such as social security numbers, credit card numbers
and e-mail addresses.
On Demand Webcasts
Abysmal: The State of Data Retention
»
Addressing an Overlooked and Exploited Portion of the PCI DSS
»
Creating a Secure Test Environment Podcast (MP3 format)
»
Protecting Sensitive Customer Data Before It’s Too Late! …
Featuring a MasterCard Perspective
»
The Easiest Way to Expose Private Data ... And How to Prevent It
» |
