Redman Solutions | PCI DSS Bulk Redaction
1617
page-template,page-template-full_width,page-template-full_width-php,page,page-id-1617,page-child,parent-pageid-1002,ajax_fade,page_not_loaded,,qode-title-hidden,qode_grid_1300,qode-theme-ver-10.0,wpb-js-composer js-comp-ver-5.1.1,vc_responsive

PCI DSS Bulk redaction as a service

Redman Solutions has developed Redaction as a Service (RaaS) for organisations that are looking to meet PCI DSS requirements. Our service searches and redacts any credit card numbers from files and metadata in various repositories.
PCI DSS redaction as a service - Redman Solutions

We dig deeper, think fresher, solve better.

PCI DSS at a glance

PCI stands for Payment Card Industry and DSS stands for Data Security Standards. The combined acronym is referred to as PCI DSS. As a response to increased theft of credit card information, the different card brands (MasterCard, Visa, American Express and others) developed a minimum set of requirements for their merchants to follow.
To assist organisations in meeting those requirements, the Payment Card Industry Security Standards Council (PCI SSC) was formed to manage and administer the Payment Card Industry Data Security Standard (PCI DSS) and the supporting standards.
All entities, including local government, that accept, process, transmit or store cardholder data are required to comply with PCI DSS standards or risk restrictions, fines or exclusion from card acceptance programs.
“Redman’s RaaS solution provides at the bulk redaction of credit card details from files in any document repository”
– Matthew Pearce, Redman Solutions

Local Government and PCI DSS

Councils should avoid creating, receiving and storing public records that include credit/debit card information in their document management or email archiving systems. This includes word, text and image files such as emails, email attachments, scanned documents and webform entries.

 

 PCI DSS consists of 6 goals spanning twelve major requirements. These requirements apply to every organisation that accepts, processes, stores or transmits credit card information. There are 7 main goals that correlate with the information in council record keeping:
PCI DSS protect-stored-data
1. Protect Stored cardholder data
PCI DSS restrict-access
2. Restrict access to cardholder data by business need to know
PCI DSS identify-authenticate
3. Identify and authenticate access to system components
PCI DSS cardholder-data
4. Restrict physical access to cardholder data
PCI DSS network-resources
5. Track and monitor all access to network resources and cardholder data
PCI DSS regularly-test
6. Regularly test security systems and processes
PCI DSS maintain-policy
7. Maintain a policy that addresses information security for all personnel
Electronic records are only one element of PCI DSS compliance and should not be considered in isolation from other compliance requirements. While Redman’s RaaS solution looks at the bulk redaction of credit card details from files in a document management system, Council’s are required to still need all 12 suggested by the PCI DSS Security Standards.

Looking for more information? Download the RaaS eBook

connect

We want to talk to you about your bulk redaction needs. Use the form to contact one of our RaaS team members or, if it’s oldschool that you’d prefer, call us on 1300 797 097