Minimize the Impact of PCI Section 3 on SAP Applications - Paymetric
Minimize the Impact of PCI Section 3 on SAP Applications - Paymetric
Minimize the Impact of PCI Section 3 on SAP Applications - Paymetric
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<str<strong>on</strong>g>Minimize</str<strong>on</strong>g> <str<strong>on</strong>g>the</str<strong>on</strong>g> <str<strong>on</strong>g>Impact</str<strong>on</strong>g> <str<strong>on</strong>g>of</str<strong>on</strong>g> <str<strong>on</strong>g>PCI</str<strong>on</strong>g> <str<strong>on</strong>g>Secti<strong>on</strong></str<strong>on</strong>g> 3<br />
<strong>on</strong> <strong>SAP</strong> Applicati<strong>on</strong>s<br />
A New Approach to Credit Card Encrypti<strong>on</strong><br />
C<strong>on</strong>tents<br />
Introducti<strong>on</strong> .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3<br />
<str<strong>on</strong>g>PCI</str<strong>on</strong>g> Requirement 3:<br />
The Biggest Obstacle to Compliance . . . . . . . . . . . 4<br />
The Challenges <str<strong>on</strong>g>of</str<strong>on</strong>g> Encrypti<strong>on</strong> .. . . . . . . . . . . . . . . . . . . . . . . . . . . . 5<br />
The Mandate: Keep Cardholder Data<br />
Storage to a Minimum .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6<br />
A New Approach to Encrypti<strong>on</strong><br />
Management for Heterogeneous<br />
<strong>SAP</strong> Envir<strong>on</strong>ments .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7<br />
An Introducti<strong>on</strong> to XiSecure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14<br />
C<strong>on</strong>clusi<strong>on</strong> .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15<br />
Encrypti<strong>on</strong> represents <strong>on</strong>e <str<strong>on</strong>g>of</str<strong>on</strong>g> <str<strong>on</strong>g>the</str<strong>on</strong>g><br />
most important mandates for <str<strong>on</strong>g>PCI</str<strong>on</strong>g><br />
compliance—and it also represents<br />
<strong>on</strong>e <str<strong>on</strong>g>of</str<strong>on</strong>g> <str<strong>on</strong>g>the</str<strong>on</strong>g> most difficult requirements<br />
to implement successfully and<br />
cost effectively for companies that<br />
run <strong>SAP</strong>. This paper describes a new<br />
approach to managing encrypted data<br />
in <strong>SAP</strong> that significantly streng<str<strong>on</strong>g>the</str<strong>on</strong>g>ns<br />
an organizati<strong>on</strong>’s security posture,<br />
while minimizing <str<strong>on</strong>g>the</str<strong>on</strong>g> impact <str<strong>on</strong>g>of</str<strong>on</strong>g> <str<strong>on</strong>g>PCI</str<strong>on</strong>g><br />
compliance <strong>on</strong> <strong>SAP</strong>.<br />
© 2008 <strong>Paymetric</strong>, Inc. All rights reserved.<br />
.