|
Building Database Controls for PCI-DSS |
| Topic |
Building Database Controls for PCI-DSS
|
| Date |
5-Mar-2010 (Fri) |
| Time |
19:30 - 20:30
|
| Venue |
PolyU room PQ502
|
| Seats |
PISA Members Only
Limited seats. First-come-first-serve.
|
| Registration |
Use this Registration Form
Fax:2900-8338
Email to
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
|
| Speaker |
Mr. Graeme Nash
Principal Audit, Security and Compliance Consultant
Mr. Graeme Nash is a veteran of over 20 years in the IT industry with a wide and varied career in a number of countries in Europe including a tenure of 6 years at Oracle with senior technology and application client responsibilities. His interest in IT security and particularly data security started over 5 years ago when a principal consultant for Quest Software. Now Fortinet's EMEA Principal Audit, Security and Compliance Consultant, he advises clients across all sectors particularly financial services on the implementation of security solutions to meet compliance objectives such as SoX, PCI-DSS etc. He speaks several European languages, is a member of ISACA and BCS ISSIG.
|
| Content |
The topic will be focused on PCI-DSS and Fortinet had some success with it to run through achieving the data/database oriented challenges with DB controls.
It will cover:-
Requirement 2 : No vendor supplied defaults for system passwords
Requirement 3 : Stored cardholder data/ must be protected
Requirement 6 : Develop and maintain secure systems
Requirement 7 : Access to data restricted on a need-to-know basis
Requirement 10 : Track and monitor access to cardholder data
Requirement 11 : Regular systems testing
Requirement 12 : Maintaining an information security policy
|
|
Language
|
English |
| Organizer |
|
Professional Information Security Association
|
|
|
|
|
|
|
Upcoming Events