Visa Cardholder Information Security Program (CISP)
Visa requires that any companies dealing with Visa cardholders' information conform to a set of data security standards. These mandate basic security best-practices, together with a number of more detailed sub-requirements. Read on to find out how NGSSoftware's suite of security auditing tools can help your company achieve and maintain Visa CISP compliance.
Requirements:
"Install and maintain a working firewall to protect data."
The pen-testing features of Typhon III and the NGSSQuirreL family of database scanners ensure the correct deployment of firewalls within the corporate enterprise.
"Keep security patches up-to-date."
NGSSoftware's products check the patch levels of software as diverse as Oracle, SQL Server, IIS, Lotus Domino, IBM DB2 and Microsoft Windows.
"Encrypt data sent across public networks."
Typhon checks that SSL security is enabled for client facing web servers.
"Restrict access according to "need to know" basis."
All our software performs thorough audits for overly-generous permissions and access privileges.
"Don't use vendor-supplied defaults for passwords and security parameters."
All products include a comprehensive list of default passwords which are checked against all scanned servers.
"Regularly test security systems and processes."
The ease of use of our tools and their ability to schedule scans means that regular tests of the infrastructure's security are made simple.
