The Payment Card Industry Data Security Standard (PCI DSS) sets rigorous security mandates that apply to all payment card network members, merchants, and service providers — virtually any business that stores, processes, or transmits cardholder data. The mandates include maintaining a secure network infrastructure and a vulnerability management program, strong access control, regular monitoring and testing of applicable networks, and maintenance of an information security policy. Penalties can be substantial for those found to be noncompliant.
While the regulatory mandates are straightforward, they can place significant operational burdens on regulated companies. That’s why the objective shouldn’t be just to attain regulatory compliance, but to do so in the most effective and efficient way possible.
That was the goal of Tomas Fencl, security and technical architect at Czech Airlines. While Czech Airlines was working toward PCI DSS compliance, it wanted to build a more effective way to maintain a high level of compliance and to reduce risk to its IT infrastructure.
