November 13, 2007
PCI-DSS Compliance Possible With Use of Perle IOLAN Products
Perle’s advanced security and unique user ID features assist major retailers in obtaining PCI compliance
NASHVILLE, TN - November 13, 2007— Perle announced today that the advanced security features embedded in the IOLAN range of Secure Device Servers helped a global retailer achieve PCI-DSS compliance.
To address the issues of identity theft, fraud, and overall payment account data security, leading payment card companies have worked together to develop a strict new Payment Card Industry Data Security Standard (PCI-DSS). The new standard affects any company that stores, processes, or transmits credit card information. PCI-DSS is a group of principles with twelve accompanying requirements. Retailers must meet this stringent set of twelve requirements or face stiff fines and penalties for non-compliance.
The IOLAN SDS product line has proved in test environments and live POS scenarios to meet Requirement Eight – “Assign a unique ID to each person with computer access”. Requirement Eight is categorized under the PCI-DSS Principle Four – “Implement Strong Access Control Measures”.
The Perle IOLAN SDS was recently chosen over other similar products to enable a global retailer with over 2,000 outlets throughout six countries to pass the PCI compliance audit.
In a PCI compliance seminar hosted by Visa, the most common security holes causing merchants to flunk their PCI-DSS compliance audits are as follows:
- Un-patched systems
- Poor password policies and enforcement
- Insecure services on servers
- Insecure default settings, such as unencrypting wireless connections
- Poorly coded, web-facing applications which cause SQL injections
- Storage and location of prohibited data such as account numbers, CVV2 and PINs
“As a leading connectivity developer and manufacturer focused on helping customers intelligently manage and monitor their information, Perle is no stranger to compliance issues,” comments Julie McDaniel, Vice President of Marketing at Perle Systems. She adds “Perle customers are from a wide range of industries so whether it is HIPAA, FISMA, Sarbanes-Oxley or now PCI-DSS, our Development Team and Product Managers are well aware of what requirements have to be met in order for our customers to be compliant.”
Perle works with several vendors and system integrators providing PCI-DSS complaint solutions to retailers. Perle also works with vendors providing PCI-DSS vulnerability scanning & compliance services to retailers worldwide.
About Perle Systems www.perle.com
Perle Systems is a leading developer, manufacturer and vendor of high-reliability and richly featured serial to Ethernet networking products. These products are used to connect remote users reliably and securely to central servers for a wide variety of business applications. Product lines include Console Servers for Data Center Management, Terminal Servers, Device Servers, Ethernet I/O and Serial Cards. Perle distinguishes itself through extensive networking technology, depth of experience in major real-world network environments and long-term distribution and VAR channel relationships in major world markets. Perle has offices and representative offices in 11 countries in North America, Europe and Asia and sells its products through distribution and OEM/ODE channels worldwide.
North American Contact
May Fong
Tel: 905-946-5068
EMEA Contact
Miriam Webster
Tel: +44 (0)1908 847140