Unlocking the Secrets of PCI Compliance: A Comprehensive Guide for Businesses in DE, MD, NJ, NY, PA, and NY

Are you a business owner in Delaware, Maryland, New Jersey, New York, Pennsylvania, or New York? If so, understanding PCI compliance is essential to protect your customers' data and to shield your business from fines and reputational damage. This comprehensive guide will unlock the secrets of PCI compliance and provide the information you need to ensure that your business is fully compliant.

PCI compliance refers to the Payment Card Industry Data Security Standard, a set of rules that all businesses that process credit card payments must follow. By following these standards, you ensure the security of your customers' personal information and earn their trust and confidence in your business.

In this guide, we will break down the various PCI compliance requirements, including network security, secure payment applications, regular vulnerability scanning, and more. We will also provide practical steps and strategies for maintaining compliance, along with tips for navigating the complexities of the compliance process.

Don't let PCI compliance remain a mystery. Join us as we reveal the secrets of achieving and maintaining compliance and protecting your business's and your customers' data.

Who needs to comply with PCI DSS?

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards created by the major credit card companies to protect cardholder data and prevent fraud. PCI DSS compliance is mandatory for any business that accepts credit card payments. The standard contains 12 requirements that companies must meet to ensure the security of cardholder data.

The first requirement is to install and maintain a firewall configuration to protect cardholder data. Firewalls are a barrier between your internal and external networks, preventing unauthorized access to sensitive information. It is important to review and test your firewall regularly to ensure its effectiveness.

The second requirement is to change vendor-supplied default passwords and settings. Default passwords are commonly known to hackers, and leaving them unchanged makes it easy for them to gain unauthorized access to your systems. Changing passwords and settings is a simple but critical step in protecting your cardholder data.

The third requirement is to protect stored cardholder data. This includes encrypting sensitive information, such as credit card numbers, to prevent unauthorized access. Using strong encryption algorithms and sound encryption key management practices is essential to protect stored cardholder data.

Consequences of non-compliance

PCI DSS applies to any business that processes, stores, or transmits credit card data. This includes merchants and service providers, such as payment processors and hosting providers, that handle cardholder data on behalf of other businesses. Regardless of your size or transaction volume, PCI compliance is mandatory if your business is involved in any way with credit card payments.

Compliance requirements can vary depending on the size of your business. Level 1 merchants, which process more than 6 million card transactions per year, have strict requirements and must be assessed annually by a Qualified Security Assessor (QSA). Level 2, 3, and 4 merchants have less stringent requirements but must still comply with the PCI DSS standards.

It is important to note that even if your business outsources payment processing to a third-party vendor, you are still responsible for ensuring that the vendor is PCI compliant. Failure to do so can lead to fines, legal consequences, and damage to your reputation.

Steps to achieve PCI compliance

Non-compliance with PCI DSS can have serious consequences for your business. The major credit card companies can impose fines and penalties on businesses that fail to meet the requirements. These fines can range from a few thousand dollars to hundreds of thousands, depending on the severity of the non-compliance and the number of violations.

In addition to financial penalties, non-compliance can also lead to reputational damage. If a data breach occurs because of non-compliance, your customers' trust in your business will be at risk. This can lead to lost customers, negative reviews, and a damaged reputation that can take years to rebuild.

Furthermore, non-compliance puts your customers' personal and financial information at risk. In the event of a data breach, you may be legally liable for any damages suffered by your customers. This can include costs related to credit monitoring, identity theft, and fraudulent activity.

PCI compliance checklist

Achieving PCI compliance requires a systematic approach and adherence to the 12 requirements set out in PCI DSS. Here are the steps you need to take to ensure your business is compliant:

1. Assess your current environment: Start by thoroughly evaluating your existing systems, processes, and infrastructure to identify any weaknesses or areas of non-compliance. This includes building a comprehensive inventory of all systems that store, process, or transmit cardholder data.

2. Remediate vulnerabilities: Once you have identified weaknesses, fix them promptly. This may include patching software, updating security settings, or implementing additional security controls. Monitor and test your systems to ensure ongoing compliance.

3. Document policies and procedures: Establish clear policies and procedures that define how cardholder data is handled and protected within your organization. This includes defining roles and responsibilities, implementing access controls, and documenting incident response procedures.

4. Train employees: Educate your employees on the importance of PCI compliance and provide training on security best practices. This includes training on how to handle cardholder data securely, how to recognize and report potential security incidents, and how to respond to a data breach.

5. Engage a Qualified Security Assessor (QSA): If your business falls under the Level 1 merchant category, you must engage a QSA to conduct an annual audit and validate your compliance. A QSA is an independent third-party organization certified by the PCI Security Standards Council to assess compliance with PCI DSS.

6. Submit compliance reports: Once the QSA has validated your compliance, you must submit compliance reports to the relevant credit card companies and acquiring banks. These reports demonstrate your commitment to protecting cardholder data and maintaining compliance with PCI DSS.

By following these steps, you can ensure that your business is on the path to achieving and maintaining PCI compliance. Remember, compliance is an ongoing process and requires regular monitoring and updates to stay ahead of emerging threats and vulnerabilities.

Best practices for maintaining PCI compliance

To help you stay organized and ensure you cover all PCI compliance requirements, here is a checklist to guide you:

1. Install and maintain a firewall configuration to protect cardholder data.

2. Change vendor-supplied passwords and settings.

3. Protect stored cardholder data with encryption.

4. Restrict access to cardholder data by implementing access controls.

5. Monitor and test networks for vulnerabilities.

6. Maintain an information security policy and documented procedures.

7. Train employees on security best practices and the handling of cardholder data.

8. Regularly update and patch systems and software.

9. Restrict physical access to cardholder data.

10. Implement strong authentication measures for access to systems and cardholder data.

11. Regularly test security systems and processes.

12. Maintain an incident response plan and be prepared to respond to a data breach.

By checking off each item on this list, you can ensure that your business is taking the necessary steps to achieve and maintain PCI compliance.

PCI compliance for businesses in DE, MD, NJ, NY, PA, and NY

Achieving PCI compliance is not a one-time event but an ongoing commitment. Here are some best practices to help you maintain compliance:

1. Regularly update and patch systems: Keep your systems and software up to date with the latest security patches and updates. Cybercriminals can exploit vulnerabilities in outdated software to gain unauthorized access to your systems.

2. Conduct regular vulnerability scans: Perform regular vulnerability scans to detect any potential weaknesses in your systems. These scans should be performed by a qualified professional or an automated vulnerability scanning tool.

3. Monitor network activity: Implement a system to monitor network activity and detect unusual or suspicious behavior. This can help you identify and respond to potential security incidents quickly.

4. Implement strong access controls: Restrict access to cardholder data by implementing strong authentication measures, such as multi-factor authentication and unique user IDs and passwords. This will help prevent unauthorized access to sensitive information.

5. Encrypt cardholder data: Use strong encryption algorithms to protect cardholder data in transit and at rest. This includes encrypting data stored on servers and data transmitted over networks.

6. Train employees regularly: Train your employees on security best practices and the importance of PCI compliance. This will help ensure that everyone in your organization understands their role in maintaining compliance and handles cardholder data securely.

7. Run regular security awareness campaigns: Raise awareness among your employees about the latest security threats and how to prevent them. This can include simulated phishing exercises, cybersecurity newsletters, and reminders about the importance of following security policies and procedures.

By following these best practices, you can ensure that your business remains compliant with PCI DSS and stays ahead of potential security threats.

PCI compliance services and solutions

PCI compliance requirements are the same regardless of your location. However, you should be aware of any additional state-specific regulations that may apply to your business. Some states, such as New York, have enacted cybersecurity laws that may impose different requirements beyond PCI DSS.

If your business operates in Delaware, Maryland, New Jersey, New York, Pennsylvania, or New York, you should familiarize yourself with the specific regulations that apply in your state. This may include conducting additional research or consulting a legal professional or cybersecurity expert.

Additionally, consider working with a PCI compliance service provider that specializes in helping businesses in your region achieve and maintain compliance. These providers can offer tailored solutions and guidance to ensure your business meets all requirements.

Conclusion

Achieving and maintaining PCI compliance can be a complex and time-consuming process. Fortunately, a variety of PCI compliance services and solutions are available to help businesses with their compliance efforts.

PCI compliance service providers offer a range of services, including risk assessments, vulnerability scanning, penetration testing, and compliance consulting. These providers have the knowledge and experience to guide businesses through compliance and ensure that all requirements are met.

In addition to service providers, there are also software solutions available that can help businesses achieve and maintain PCI compliance. These solutions automate many of the tasks involved in compliance, such as vulnerability scanning, policy documentation, and reporting. By using these solutions, businesses can save time and resources while ensuring ongoing compliance.

Choosing a reputable and reliable provider is essential when selecting a PCI compliance service provider or software solution. Look for providers with experience working with businesses in your industry and a proven track record of helping companies achieve and maintain compliance.
