PCI Security Standards
Council Member

Track & Protect Cardholder Data for PCI

Imperva enables organizations to meet the most challenging requirements in the Payment Card Industry (PCI) Data Security Standard (DSS). Merchants and service providers of all sizes trust Imperva SecureSphere to protect sensitive information, audit access to cardholder data, and automate their PCI compliance processes.

PCI DSS Requirements for Data Security Compliance

SecureSphere helps organizations meet 8 of the 12 high level requirements in the PCI standard including the traditionally most challenging Web application and database security requirements.

	PCI 1.2 Requirements	Imperva
1	Install and maintain a firewall configuration to protect cardholder data
2	Do not use default system passwords and other security parameters
3	Protect stored cardholder data
4	Encrypt transmission of cardholder data across open, public networks
5	Use and regularly update anti-virus software
6	Develop and maintain secure systems and applications
7	Restrict access to cardholder data by business need-to-know
8	Assign a unique ID to each person with computer access
9	Restrict physical access to cardholder data
10	Track & monitor all access to network resources and cardholder data
11	Regularly test security systems and processes
12	Maintain a policy that addresses information security

Why Imperva for PCI DSS Compliance

• Comprehensive, accurate protection of cardholder data
• Continuous, automated data protection and audit logging
• Low cost of ownership
• No impact on existing infrastructure
• Automated policy configuration
• Enterprise-class management and reliability
• Automated PCI compliance reporting

SecureSphere's sophisticated application and database security technology enables organizations to meet PCI IT requirements