GFI releases software suite for PCI DSS compliance

GFI Software, a developer of network security, content security and messaging software, announced the release of the GFI PCI Suite, a package aimed at helping companies meet the strict requirements and tight deadlines imposed by the Payment Card Industry Data Security Standards (PCI DSS) and comply with the majority of automated processes required for compliance.

The GFI PCI Suite provides a centralized management console through which systems administrators can deploy the PCI DSS enhanced versions of GFI EventsManager and GFI LANguard N.S.S. - two solutions that are vital to network security and essential to meet the directives imposed by PCI DSS.

GFI EventsManager boosts PCI DSS compliancy efforts by alerting administrators on key events occurring on the network while GFI LANguard N.S.S. allows IT professionals to proactively identify network security weaknesses and fix them before these are exploited.

Credit card fraud was the most common form of identity theft at 25% of all reported occurrences in 2006, with more than USD 48 billion lost by financial institutions and businesses in that year and USD 5 billion lost by individuals. E-commerce fraud is also on the rise, reaching $3 billion in 2006 with an increment of 7% over 2005. In order to reduce credit/debit card fraud, the 5 major card industries created a set of security best practices PCI DSS with which payment card industry businesses must comply. Merchants processing over 6 million credit card transactions must become PCI DSS compliant by September 30, 2007 while those processing between 1 and 6 million credit card transactions have until December 31, 2007. Non-compliant companies are liable to various sanctions including hefty fines of up to USD 500,000 per security breach and restrictions on card processing privileges.

"The theft of over 45 million credit card details from TJX Inc. earlier this year has put increased pressure on companies that store, process or transmit cardholder data. No company is immune to credit/debit card fraud so they must protect cardholder data and become PCI DSS compliant by the end of this year," Simon Reed, VP Product Engineering at GFI said. "To help companies speed up their compliance process we are providing them with a single, specialized PCI suite that will allow them to satisfy the majority of automatable requirements imposed by this industry directive."

Apart from log management and vulnerability management solutions, GFI's PCI Suite also ships with enhanced reporting mechanisms. The GFI EventsManager ReportPack has eight new reports specifically designed to provide more granular information on the activity of network users and components. The GFI LANguard Network Security Scanner ReportPack features a new report which presents the status of antivirus solutions deployed on the network and new data filters which provide even more granular control over the information presented in the reports.