, the fast-growing cyber security services provider and a PCI QSA company, has launched a free green paper on ‘PCI DSS: Reducing the cardholder data environment’. This new paper aims to help organisations who are required to comply with the PCI DSS reduce their card holder data environment (CDE), minimising compliance costs and resources. It is available for free download from www.itgovernance.co.uk/pci-dss-green-papers.aspx.
Scoping is especially beneficial when implementing a complex standard like the Payment Card Industry Data Security Standard (PCI DSS) v3.0, with its 246 requirements, many of which are highly technical. The standard recommends reducing the scope to an acceptable minimum to achieve maximum protection of the data and cost-effectiveness.
This free green paper provides step-by-step guidance as to how to scope the CDE. This includes information gathering, defining a perimeter, data flow analysis and more. It also provides methods for reducing the scope.
With the proliferation of cyber attacks, especially those aimed at stealing cardholder data, it is more important than ever that organisations handling this data ensure it is protected. Reducing the cardholder data environment not only helps do this, but it is also an important requirement of PCI DSS v3.0 with which organisations must comply.