Retail Data Protection

Retailers recognize their data isn’t safe, and this threatens their profitability. Data not compliant with PCI DSS standards increases credit card costs on every transaction. The sophistication of today’s cybersecurity outlaws makes the question not “if data will be breached,” but “when.” Thales eSecurity solutions can help retailers protect their data and meet PCI DSS requirements by making it useless to anyone who tries to steal it.

 

Challenges:
  • Data at Risk

    Reportable data breaches can not only have a negative effect on sales and reputation and generate credit monitoring costs and fines, but they are also are alleged to have cost senior executives and even CEOs their jobs.

  • PCI DSS Compliance Requirements

    Data not compliant with PCI DSS standards increases credit card costs on every transaction and may put your organization at risk for fines.

 

With Vormetric HSM

Solutions:
  • Encryption with Integrated Key Management

    Make your data unreadable to others through strong, centrally managed, file, volume and application encryption combined with simple, centralized key management that is transparent to processes, applications and users

  • Access Policies and Privileged User Controls

    Restrict access to encrypted data through access policies and user controls that permit data to be decrypted only for authorized users and applications, while allowing privileged users to perform IT operationswithout the ability to see protected information.

  • Security Intelligence

    Logs that capture access attempts to protected data provide high value security intelligence information that can be used with a Security Information and Event Management (SIEM) solution and for compliance reporting.

  • Vormetric Tokenization with Dynamic Masking

    In addition, Vormetric Tokenization with Dynamic Masking lets administrators establish policies to return an entire field tokenized or dynamically mask parts of a field. With the solution’s format-preserving tokenization capabilities, managers can restrict access to sensitive assets, yet at the same time, format the protected data in a way that enables many users to do their jobs.

 

Benefits:
  • Meet PCI DSS Requirements

    Thales eSecurity solutions can help you protect your data and meet PCI DSS requirements by making it useless to anyone who tries to harvest it.

  • Sophisticated encryption, tokenization and key management solutions that protect mission critical data and applications at retailers

    Thales eSecurity offers comprehensive data encryption, tokenization and key management solutions that protect data across devices, processes, platforms and environments. These solutions have no negative impact on business agility and help retailers protect their customers, meet government and industry compliance standards and avoid the damage to reputation caused by data breaches

  • Implement effective, high assurance tokenization solutions to protect customer information, reduce scope, and contain the cost of compliance

    Comprehensive central key management, policy definition, and integration with Thales HSMs for enhanced key and cryptographic process protection make it easy to comply with PCI key management requirements for key generation, distribution, storage, rotation and replacement.

 

With nCipher HSM

Solutions:
  • Encryption with Strong Key Management

    nCipher and its technology partners make your most sensitive payment and customer data unreadable to unauthorized users through encryption combined with encryption key management backed by FIPS and Common Criteria certified nCipher Hardware Security Modules (HSMs).

  • Secure Execution Environment

    In addition to protecting your sensitive keys, nCipher HSMs also provide a secure environment for running proprietary applications. The CodeSafe option lets you develop and execute code within nCipher’s FIPS 140-2 Level 3 boundaries, safeguarding your applications from potential attacks.

 

Benefits:
  • Meet PCI DSS Requirements

    nCipher solutions can help you protect your data and meet PCI DSS requirements by making it useless to anyone who tries to harvest it.

  • Sophisticated encryption and key management solutions that protect mission critical data and applications

    nCipher and our partners offers comprehensive data encryption and key management solutions that protect data across devices, processes, platforms and environments. These solutions have no negative impact on business agility and help retailers protect their customers, meet government and industry compliance standards and avoid the damage to reputation caused by data breaches

  • Strengthen authentication for payments and e-commerce using general purpose HSMs

    nShield HSMs are independently certified to meet FIPS 140-2 and Common Criteria standards and are approved for other approaches that can reduce scope such as Point-to-Point Encryption under PCI DSS guidelines



Download Document