Protect consumer credit card information
Passlogix announced today that its v-GO Access Accelerator Suite provides a comprehensive technology solution for compliance with Payment Card Industry Data Security Standard (PCI DSS) Requirement 8, which mandates the use of unique IDs for each individual with access to consumer credit card information. v-GO consolidates most of the technologies required to address Requirement 8 under an integrated infrastructure that reduces complexity, cost and administrative effort.
v-GO’s broad solution set – built around the market-leading enterprise single sign-on (ESSO) product – provides a unique combination of ESSO, shared account management, and strong authentication and identity management support. This industry-first ability to manage both conventional and shared credentials as well as support two-factor authentication and user provisioning with a single technology platform minimizes the number of IT products needed to meet Requirement 8 mandates.
PCI DSS provides a uniform set of security guidelines designed to prevent the theft of consumer credit card information. Requirement 8 – one of 12 general security directives in the standard – calls for organizations to “assign a unique identification (ID) to each person with computer access” to ensure that “actions taken on critical data and systems are performed by, and can be traced to, known and authorized users.”
v-GO addresses the standard’s detailed Requirement 8 implementation instructions through:
- Advanced enterprise single sign-on capabilities that meet the directive’s demands to assign unique user IDs, encrypt all passwords, and implement strong password policies. v-GO’s ESSO functionality also provides centralized audit logs that fulfill the directive’s traceability objective by documenting all system activity by user.
- Integrated strong authentication support that meets the standard’s two-factor authentication requirements – along with its various password control provisions – by allowing user authentication by any combination of smart cards, badges, proximity devices, tokens or biometrics to be managed through the ESSO system.
- Industry-first ESSO-based shared account management that complies with the Requirement 8 provision involving group, shared or generic accounts and passwords by enabling credentials to be securely shared by multiple users through the ESSO infrastructure with no need for a separate dedicated password vault system.
- Integration with the leading identity management systems, supporting the standard’s demand for tight controls over addition, modification and deletion of user IDs and credentials while also streamlining IdM implementations via account reconciliation capabilities that provide a list of all target system accounts correlated back to their rightful owners.