The Payment Card Industry (PCI) Data Security Standard (DSS) was designed to protect the privacy of customers, as well as payment card and merchant data at the point of sale (POS), in transit, and at rest. Companies that can demonstrate compliance with the PCI standard and prove that they are trustworthy custodians of customer data have the opportunity to build solid customer loyalty. Complying with PCI regulations is challenging because the required security measures span the network and attached systems. Most industry experts agree that the best way to achieve and maintain PCI compliance is to adopt a strategic, holistic approach to network security risk management and compliance that includes the network infrastructure, policies, and procedures. The ability to centrally manage systems, network services, and security is essential to a holistic solution. Cisco offers a network foundation that is an important step for retailers to achieve regulatory compliance requirements and implement data security best practices.
Using its accumulated best practices, Cisco has developed a set of architectures in a lab environment with PCI requirements in mind. Cisco invited PCI auditors to evaluate these architectures, and the auditors found that the technology, if properly deployed and maintained, could help retailers achieve PCI compliance. Known as the Cisco PCI Solution for Retail, these network architectures support secure transport for point-of-sale traffic, such as credit card data, cardholder information, transaction logs, and database records. These architectures can be used throughout the range of retail environments from small stores to large retail footprints.
Cisco partners also offer a wide range of solutions for antivirus, POS software, wireless POS, scan, audit, and remediation services, and payment applications.
Resources and Case Studies