Teramind for PCI DSS

take a guided tour

Financial data protection and data loss prevention on a unified platform

Payment Card Industry Data Security Standard (PCI DSS) regulates any business that collects or processes cardholder data. The overall objective of PCI compliance is to propagate data protection techniques and mitigate the risk of credit and debit card fraud, and to ensure the security and privacy of financial and personal information.

Failure to meet PCI DSS requirements may lead to substantial penalties and fines, suspension of credit card acceptance by a merchant’s credit card account provider, possible civil litigation from breached customers and other opportunity costs due to brand/reputation damage.

PCI has set six goals with twelve steps in Data Security Standard for its Merchants & Processors category. Further more, it has strict compliance validation and reporting requirements that involves verification and confirmation that the recommended security controls and procedures are in place and properly followed.

Teramind for PCI DSS helps organizations meet these compliance goals with its extensive user activity monitoring, data exfiltration protection, audit, reporting and forensics capabilities.

Teramind PCI DSS value diagram

Teramind for PCI DSS features:

  • Auto discovery of cardholder data:
    • Built-in templates for cardholder data, including: Personally Identifiable Information (PII), Personal Financial Information (PFI), CC numbers, bank a/c, ABN/swift codes and more.
    • ‘On the fly’ content discovery with advanced OCR and digital fingerprinting.
  • Protection from data breaches:
    • Real-time user activity monitoring prevents accidental or malicious insider threats and data breaches.
    • Enforce classified financial data rules for websites, apps, emails, social media etc.
    • Automatically warn, block or lock-out user if unauthorized access is detected.
    • Dynamic blackout feature protects accidental exposure of unprotected cardholder data.
  • Implement solid access control:
    • Apply Identity authentication and segregated access levels to minimize data compromises.
    • Restrict transfers of cardholder data on local, network, Cloud and external storage.
    • Monitor privileged users access to cardholder servers and databases.
  • Vulnerability and risk management:
    • Identify vulnerable employees, policies and system components.
    • Develop contingency plans with risk assessment and analytics.
  • Report on compliance (ROC):
    • Session recording and immutable log keep track of all user activity related to cardholder data.
    • Detailed reports of all data breach incidents, rule violations and what actions were taken.

Cyber threats and data breaches are at an all time high:

$150M+

estimated average cost of a data breach by 2020 as more business infrastructure gets connected. Source: Cybiant.

$500,000

is the maximum penalty per incident for security breaches when merchants are not PCI DSS compliant.

14.2M

credit card numbers were exposed in 2017, an 8X increase over 2016. Source: Experian.

$9.1B

is the value of payment card fraud losses in the USA in 2018. Source: Statista.

Effectively Detect, Investigate, and Report on Data Breaches

Teramind provides essential security monitoring capabilities to help you detect, investigate, and report on data breaches within retail/e-commerce or other card processing environments.

Identify

Teramind identifies cardholder data, financial and other sensitive information in structured and unstructured data across organization data stores, leveraging fingerprinting, OCR and other advanced capabilities.

Protect

Teramind leverages its activity monitoring and data loss prevention capabilities to defend sensitive data from unauthorized access, sharing, attack and misuse.

Detect

Teramind’s powerful behavior-based policy and rules engine casts a strong detection net over the entire organization, allowing for quick detection of insider threats and data breach incidents before it happens.

Respond

Real-time notification and immediate actions proactively defend against data exfiltration, malicious or accidental insider threats and data breaches. In case of an incident, pinpoint the exact cause and source of the incident with audit and forensic data in minutes.

Report

Provide burden of proof and meet record keeping requirements with detailed incident reports, alerts and session recordings. Exportable reports can be shared with Internal Security Assessor (ISA), Qualified Security Assessor (QSA) or used for Self-Assessment Questionnaire (SAQ) purposes.

Teramind for PCI DSS delivers data security for merchants and processors:

Instant activation of PCI DSS specific policies & rules

Teramind comes with PCI DSS specific policies and rules addressing many of the steps necessary to maintain the Data Security Standard for Merchants & Processors. More policies and rules can be created with powerful Policy Editor.

Built-in data discovery and classification

100s of templates for cardholder data, sensitive Personally Identifiable Information (PII) and Personally identifiable Financial Information (PIFI). Automated discover of content on the fly with advanced OCR and digital fingerprinting.

Access control and monitoring

Granular user activity monitoring, unique IDs, layered access control for local, network and Cloud resources are just a few examples how Teramind gives you full visibility and control over sensitive data.

Automated vulnerability management

Advanced behavior-based rule engine automatically prevents data loss and exfiltration events. Immediately get notified about harmful user activity or lock out user before any malicious or fraudulent attempt.

Reporting and audit

Detailed rule violation alerts, risk analysis reports, immutable logs and audit trails can serve as valuable sources for compliance reporting. Teramind makes your finding and observation tasks easier by identifying where card data is stores, how it’s accessed and finally prove that you have a system in place to enforce PCI data protection rules.

Flexible Deployment Options

On-premise - control the Teramind implementation in its entirety, stay off-cloud if that’s your firm’s operational model, leverage LDAP groups and users to identify which users and groups to apply which policies and rules to.

Teramind Private Cloud - use your own secure, scalable private cloud implementation including AWS, Google Cloud, Azure and more.

Teramind Cloud - trust us the management of the Teramind deployment and infrastructure. Only install Teramind Agents on the machines you want to monitor and set up your users, policies and rules and let us take care of the rest.

Interested? Try it! take a guided tour