Payment processing security has, in technology terms a long history. Toward the end of 2004, five major credit card companies (American Express, Discovery Financial Services, JCB International, MasterCard, and Visa Inc) collaborated together to create the Payment Card Industry Data Security Standard (PCI DSS) and all organisations dealing with payment processing regardless of size or number of transactions have a contractually obligation to meet this standard. PCI enforcement is upheld by the Federal Trade Commission (FTC) and the PCI Security Standards Committee (PCI SSC) which is made up of the five credit card companies listed above.
As the online purchases we make continues to drastically increase in volume (especially in the midst of a pandemic with countries in lockdown) so does the amount of credit card data stolen (in 2018 Marriott International announced a data breach impacting 500 million customers and again in 2018 more than 420,000 British Airways customers had their personal and financial data stolen). The “poor security arrangements” BA had in place cost them £20 million in fines with a similar fine levied on Marriot too.
If your organization deals with people’s personal data, then compliance to regulations is paramount and not an option and this is where Niagara Networks can support you. Our network intelligence set of tools can empower your network and security operations with cutting edge capabilities to inspect sensitive data, apply real-time policy rules and define intelligent masking on sensitive data for regulatory compliance. The masking feature on our award-winning Open Visibility Platform enables organizations to forward and share data traffic across multiple departments, or application to database flows, while at the same time providing them with the ability to mask private and confidential user information that is contained within. Masking permanently hides this data before sending it to the monitoring and security tools for analysis with the following benefits:
- Stops would-be hackers in their tracks as sensitive credit card details are obscured but the format of the credit card information is retained.
- Protects network and security engineers from being exposed to confidential data
- Can help support other compliance regulations such as GDPR (General Data Protection Regulation), HIPAA (Health Insurance Portability and Accountability Act and other types of information and monitoring compliance requirements
To conclude, by deploying Niagara Networks as part of your solution, regulatory and privacy compliance becomes easier because confidential sensitive data is never seen, processed in motion, or stored at rest by any of the tools the data is sent to.