Helzberg Diamonds Tokenization for PCI Compliance and Data Protection

Florian Yanez, manager of technical systems for Helzberg Diamonds, is among those attending RSA Conference 2011. CSO recently caught up with him for a discussion on his company's efforts to adopt tokens as a way to address PCI DSS' rules on stored customer data. CSO: Let's start with a general picture of your organization's main security priorities.Yanez: Like everyone else, our biggest concern is protecting customer information and meeting the PCI DSS requirement -- particularly the parts about protecting stored data such as credit card and telephone numbers.

CSO: What are some of the basics in terms of the technology you've deployed to address that?Yanez: We have a security event management system in place to capture all the logs in our data center. We get alerts if anything strange shows up. We also have a vulnerability management system in the works so we can scan for all the security patches we need on a regularly basis. We want to be as up to date on patching as possible.

The link for this article located at Network World is no longer available.