The Payment Card Industry (PCI) requires companies that process credit or debit card transactions to comply with 6 control objectives outlined in their Data Security Standard (DSS). These 6 objectives are:
These 6 objectives cover a total of 12 requirements that range from implementing safeguards such as firewall and anti-virus software, to implementing and maintaining strict policies for network and data security. Complying with these requirements can be a big job - especially for small- to medium-sized operations with limited IT resources. So it's important to have the right tools in place to make compliance as painless as possible.
Several of the requirements for PCI compliance have to do with implementing and maintaining firewalls throughout the network. After you've gotten past the "implementing" part, a firewall configuration management tool can help you keep things organized and running smoothly. It can even help with reports and inobtrusive access when the auditors come knocking. Here are a few of the high points of what such a tool can do to help:
One such tool recently came to SolarWinds by way of our acquisition of Athena Security: Firewall Security Manager (previously Athena FirePAC). For additional information about what FSM can do to help you maintain PCI compliance, check out the Athena Security Technology Brief, "PCI Compliance Audit Using SolarWinds Firewall Security Manager."