Understanding and Selecting an Enterprise Firewall

By Mike Rothman

What? A research report on enterprise firewalls. Really? Most folks figure firewalls have evolved about as much over the last 5 years as ant traps. They’re wrong, of course, but people think of firewalls as old, static, and generally uninteresting. That view is unfounded. Firewalls continue to evolve, and their new capabilities can and should impact your perimeter architecture and firewall selection process. That doesn’t mean we will be advocating yet another rip-and-replace job at the perimeter (sorry, vendors), but there are definitely new capabilities that warrant consideration – especially as the maintenance renewals on your existing gear come due.

Understanding and Selecting a Tokenization Solution

By Rich

Tokenization is currently one of the hottest topics in database and application security. In this report we explain what tokenization is, when it works best, and how it works – and give recommendations to help choose the best solution.

Tokenization replaces the original sensitive data with non-sensitive placeholders. It is closely related to encryption – they both mask sensitive information – but its approach to data protection is different.

Data Encryption 101: A Pragmatic Approach to PCI

By Adrian Lane

The Payment Card Industry (PCI) Data Security Standard (DSS) was developed to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures. The problem is that the guidance provided is not always clear. This is especially true when it comes to secure storage of credit card information. The gap between recommended technologies and how to employ them leaves a lot of room for failure. This white paper examines the technologies and deployment models appropriate for both security and compliance, and provides actionable advice on how to comply with the PCI-DSS specification.

