All merchants, service providers, financial institutions and other entities that store, process, or transmit payment cardholder data are required to comply with the Payment Card Industry Data Security Standard (PCI DSS) v3.0 by January 1, 2015. The use of virtualization technology in private clouds is not exempt from PCI DSS v3.0 requirements, which raises the bar for security in a virtualized Cardholder Data Environment (CDE). Traditional physical security components that are usually deployed at the network edge make it difficult if not impossible to effectively monitor and control virtual components. It is vital for organizations using virtual technology in the CDE to adopt tools that protect cardholder data. In this webinar we will cover virtualization security best practices to achieve and maintain PCI DSS v3.0 compliance as well as outlining four specific requirements—not previously required with PCI DSS v2.0—that impact the CDE.
Join Andi Baritchi, Managing Principal, Global PCI Consulting Services at Verizon and Randal Asay, CTO at Catbird.
Whether you're responsible for implementing micro-segmentation, involved with data center or cloud transformation or just trying to understand the network connectivity requirements of your workloads ~ this is a must-see webinar.
During this webinar, participants will learn:
* What micro-segmentation is exactly and why is it important
* The “Path to Micro-Segmentation”... how to prepare for it and what steps to take
* How micro-segmentation can benefit network, security, data center/cloud and DevOps teams through an application-centric view of your virtual infrastructure
After the presentation, we will open the floor to Q&A. We expect this to be a collaborative event where attendees and our presenter can share ideas, thoughts and opinions.
How do I launch new applications in a matter of hours?
How do I apply more fine-grained security and compliance controls?
You've tasted the virtualization Kool-Aid and are ready to go live with your new virtualized infrastructure. But wait! The CSO has pressed pause. Virtualization brings significant changes - and new risks - to security and compliance in the virtualized data center. Learn how to virtualize mission-critical systems safely with McAfee and Catbird, the pioneers in virtualization securityRead more >
Organizations outsourcing card data to the cloud face significant security risks. Storing, processing and transmitting cardholder data in the cloud brings the cloud environment into scope for the PCI Data Security Standard (PCI DSS). And as soon as an organization adds other players to the offsite card-management mix, ensuring compliance with the PCI DSS becomes increasingly challenging.
In this new environment cloud users and cloud service providers need to clearly understand what their roles and responsibilities are when it comes to protecting this data. Organizations need to know where their data is at all times yet they have limited or no control over cardholder data storage. These are all things that you have to take into consideration when you're thinking about outsourcing to a cloud provider. In this webcast our panel will address ways to navigate the main PCI security challenges in the cloud, and attendees will gain insights on:
- Emerging PCI security risks in the cloud
- Processes for assessing risk when card data could potentially be stored in multiple locations
- Recommendations for achieving PCI compliance across virtual environments
- How to use a data-centric approach to maintain PCI scope management
IT is flocking to the software-defined data center for cost-savings and agility. Software defined security offers the same benefits but is less well-known and subject to serious scrutiny. This talk will discuss the benefits of software-defined security to next-generation data center protection and compliance while noting the challenges to ITsec and auditors. Software-defined security: It's About Time (and Money)!Read more >
In this webcast, I will describe common architectural vulnerabilities in many virtual server deployments. Solutions to these vulnerabilities will be described and a best practice architecture that enables maximal server consolidation will be defined.Read more >
Compliance and security continue to be top concerns for regulated organizations that plan to move their environment to cloud computing. Last year, the PCI governing body issued the first set of formal guidance addressing PCI compliance in virtualized infrastructure. This how-to webinar will review what is different about virtualized data centers when it comes to PCI compliance, discuss potential complexity in meeting audit requirements, cover freshly-updated regulations and give attendees actionable advice to accelerate the transition of their PCI-regulated workloads to the private cloud.Read more >
Security & Compliance in Virtual InfrastructureRead more >
Securing the Dynamic Data CenterRead more >