The PCI DSS security requirements apply to all “system components”. A system component is defined as any network component, server, or application that is included in or connected to the cardholder data environment. The cardholder data environment is that part of the network that possesses cardholder data or sensitive authentication data. Adequate network segmentation, which isolates systems that store, process, or transmit cardholder data from the rest of the network, may reduce the scope of the cardholder data environment. A service provider or merchant may find it beneficial to utilize a third party such as Seccom Global, who already has the expertise in developing and implementing such solutions. Seccom Global can manage components of the network such as Routers, Firewalls, Databases, Authentication, Servers, Disaster Recovery, and Visibility and Compliance Reporting. Mandatory vulnerability assessments and penetration tests also need to be carried out by a third party; hence Seccom Global is a logical choice.
The deadlines for achieving compliance vary depending on which of the five payment card issuers is used. MasterCard has mandated that Australian merchants and service providers should already be compliant as of December 31, 2008, whereas Visa has indicated that compliance should be achieved by September 30, 2010. Other issuers have not published compliance target dates for merchants and service providers in Australia.