Coalfire Updates Navis Rapid PA-DSS to PCI 3.0 Standards
New tool simplifies process for software vendors to meet new PA-DSS 3.0 standard
By: Coalfire

This release incorporates the new 3.0 security standard for payment applications from the Payment Card Industry Security Standards Council (PCI SSC). Payment application vendors will have to submit compliance validation reports to the PCI 3.0 standard starting January 1, 2015. Existing payment applications certified to the 2.0 standard face expiration at the end of 2015.

“Software vendors using the Navis Rapid PA-DSS tool for the first time are able to quickly understand how the PA-DSS standard applies to their application, ask the right questions the first time, and ultimately be properly prepared for their PA-DSS assessment,”

Coalfire clients who have previously used the 2.0 version of Navis Rapid PA-DSS will find the new process streamlined and easier to use. All users will be able to identify potential gaps between their applications and the new 3.0 standard, creating an opportunity to fix those gaps before their assessment begins, which saves the time and costs associated with remediation and development under tight time constraints.

Another significant change in the new PCI 3.0 standard for payment applications is that once a payment application vendor selects a PCI certified Payment Application Qualified Security Assessor (PCI PA-QSA) to conduct a validation or assessment of its payment application, the vendor is locked in to that assessor. Switching assessors will require the payment application vendor to start the validation and assessment process from the beginning when they bring in a new vendor, per the PCI PA-DSS v3.0 Program Guide (https://www.pcisecuritystandards.org/

Fritsche also advises that “vendors will want to select a PA-QSA as a trusted assessor for a long term partnership. Simply getting a check-in-the-

The new release of Navis Rapid PA-DSS 3.0 (http://www.coalfire.com/

· Improved support for enterprise application developers who develop multiple lines of payment applications.
· Increased visibility for assessors into the status of a software vendor’s self-assessment.
· Improved access control options.
· Additional flexibility to support the nuances of software development within the confines of the PA-DSS controls.
· Improved status overviews for overall assessment progress.
· Simplified documentation collection process.
· Guidance support to easily map controls to the PA-DSS standard.
· Improved reporting to assist with gap identification and remediation.

About Coalfire

Coalfire is a global leader in independent information technology Governance, Risk and Compliance (IT GRC) that provides IT audit, risk assessment and compliance management solutions. Founded in 2001, Coalfire has offices in Atlanta, Boston, Dallas, Denver, Los Angeles, Manchester (U.K.), New York, San Francisco, Seattle, and Washington D.C. and completes thousands of projects annually in retail, financial services, healthcare, government and utilities. Coalfire’s solutions are adapted to requirements under emerging data privacy legislation, the PCI DSS, GLBA, FFIEC, HIPAA/HITECH, HITRUST, NERC CIP, Sarbanes-Oxley, FISMA and FedRAMP. For more information, visit www.coalfire.com.