Retail organizations routinely handle hundreds of thousands or even millions of credit cards as part of their business. Compliance with PCI DSS requirements is mandatory, but just as critically, retailers must maintain consumer trust that their PCI DSS information is being kept safe. In fact, in the event of a PCI DSS data breach, lost business can often be as expensive to a retailer as the cost of the actual PCI DSS data breach itself.
Proofpoint Enterprise Privacy helps retailers comply with Payment Card Industry (PCI) DSS compliance requirements by accurately identifying emails containing credit card primary account numbers (PANs) and blocking or encrypting the messages before they leave the organization.
PCI DSS compliance requirements also specify the need to keep anti-virus software in place and updated. Proofpoint Enterprise Protection provides the industry’s best threat protection against modern-day, malicious threats. With low-volume phishing attacks targeted at corporate data, such as the volumes of credit card data that reside within typical retail organizations, care must be taken to ensure that the email security solutions are protecting them against these latest threats. Proofpoint Enterprise Protection delivers accurate threat detection, granular management of messages based on threat classification, and tools for response should the need arise to react to a direct attack.
- PCI DSS Compliance Requirements: Address several of the PCI DSS compliance requirements, including PCI DSS Compliance Requirement 4, which states "Encrypt transmission of cardholder data across open, public networks." Proofpoint Enterprise Privacy can accurately detect cardholder information and automatically encrypt emails before leaving the organization.
- Sensitive Document Detection: Proofpoint Enterprise Privacy has the ability to fingerprint unstructured data, such as sensitive documents (e.g., product or sales announcements), and protect the information from unauthorized or accidental transmission. Proofpoint Enterprise Privacy can detect sensitive data even if the document format has changed – such as a simple paragraph from a Microsoft Word document that had been copied into the body of an email.
- Email Encryption: Proofpoint Encryption provides easy-to-use email encryption, backed by a strong compliance policy engine that ensures all sensitive content is protected before it leaves the organization. All encrypted messages are branded to your organization's compliance requirements. Recipients of Proofpoint encrypted emails follow extremely simple steps to authenticate and access their messages. No pre-registration or exchange of encryption keys is required to use Proofpoint Encryption; ad-hoc email encryption is fully supported.
- Smart Identifiers: Proofpoint's Smart Identifier technology dramatically reduces the number of false positives. Depending on the specific Smart Identifier, a variety of checks are performed, increasing the accuracy of the detection. For example, the Smart Identifier for credit card numbers performs the Luhn algorithm check, which validates the checksum. This prevents any random 16-digit number from being flagged as a credit card number. Custom Smart Identifiers can easily be added as well. ABA Routing Numbers and Social Security Number Smart Identifiers are also pre-built into the Proofpoint Enterprise Privacy solution.
- Accurate Detection of PANs: Accurate identification of Primary Account Numbers (PANs) is done using a combination of Smart Identifiers and proximity matching. For example, the Smart Identifier for Credit Card Numbers performs the Luhn algorithm check, but also checks for an indicator in close proximity to the identified number, such as "CC#", "AMEX", "VISA", etc., significantly increasing the confidence level of the detection and virtually eliminating false positives.
- Flexible Compliance Policy Management: Granular PCI DSS compliance requirements and policies can be set, allowing specific sets of users to send and receive sensitive information via secure encryption with Proofpoint Encryption, yet prevent other groups from sending sensitive information altogether.
- Compliance Dashboard: Compliance officers have a dashboard view of their organization. Compliance incidents that require review are highlighted, with one-click drill-down access to each specific incident that may require intervention or remediation. Compliance reports summarize the number of encrypted messages that have been sent and the type of content that triggered the encryption (PAN, SSN, sensitive documents, etc.).
- Workflow: A detailed workflow provides tracking against each compliance incident. Compliance reviewers can release messages by encrypting them, or leave messages blocked within the quarantine. Severe violations can be escalated for further review. The status of each incident in review is then logged.
- Flexible Remediation: The vast majority of compliance issues come from inadvertent data loss. Proofpoint Smart Send is a feature that allows administrators to selectively allow sender-based remediation. For example, a buyer may be negotiating an order of a new product for the upcoming holiday season without securing the communications. Smart Send can temporarily stop this message and send a notification back to the sender alerting them to the content within the message, while also providing direct remediation options within the notification email: the ability to block that message permanently, to release that message, or to encrypt that message before sending. Smart Send can be enabled for the entire organization or for specific groups.
- Best-in-class Threat Protection: PCI DSS information has long been a target of hackers, and retailers have a wealth of credit card numbers from customers. With phishing attacks on the rise, focused not just on end-user account credentials, but increasingly on leveraging phishing emails as an entry vector to steal sensitive information from enterprise organizations, having a best-in-class threat protection system is critical when addressing any data protection strategies. Proofpoint Enterprise Protection ensures PCI DSS compliance requirements and provides the best threat protection available against these external malicious threats today.
- Full Support for Cloud-based Email Systems (e.g., MS Office 365): Proofpoint Enterprise Privacy is available as a cloud-based solution and provides all the same rich functionality available as an on-premise solution. It also integrates seamlessly with any cloud-based email solution, such as Microsoft's Office 365, ensuring PCI DSS compliance requirements while leveraging the cost benefits of the cloud.
- Secure Supplier Communications: Ensure that communication with your suppliers is secure with email encryption. At the same time, protect the relationship with your suppliers by blocking sensitive communications that may be sent to unauthorized 3rd parties.
- Protect Credit Card PANs: Ensure that PANs are encrypted if there is a reason that they need to be transmitted over email. Also ensure that your organization is protected from external malicious threats such as phishing and spear-phishing attacks which may be targeting access to PANs.
- Protect announcements from leaking out prematurely: Time sensitive announcements, such as planned product or sale announcements, need to be protected from leaking out prematurely.
- Detection Accuracy of PANs: No other solution on the market today provides the accurate detection of PANs like Proofpoint. This ensures that all NPI is encrypted, but just as importantly, does not flag information that does not require encryption to be encrypted.
- Easy-to-Use, Fully Integrated Encryption: An easy-to-use, policy-based encryption solution that accurately identifies messages for encryption ensures your organization is maintaining PCI DSS compliance requirements.
- Mobile Support for Broad Range of Devices: Proofpoint solutions are fully optimized for mobile device usage, from both the sender and recipient perspectives. With the best mobile experience available from any solution today, this is critical as we see a growth in the variety of mobile devices in the enterprise environment.
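
The Luhn-plus-proximity check described under Smart Identifiers and Accurate Detection of PANs above, as an added Python example; it is not Proofpoint's code. The candidate regex, the 20-character window, the keywords beyond "CC#", "AMEX" and "VISA", and all function names are assumptions, and the sample text is constructed using publicly documented test card numbers.

```python
import re

# Candidate: 13-19 digits, optionally separated by single spaces or hyphens.
CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")
# Proximity indicators: CC#, AMEX, VISA come from the text above; the rest are assumed.
KEYWORDS = re.compile(r"CC#|AMEX|VISA|MASTERCARD|CARD\s*(?:NO|NUMBER|#)", re.I)
WINDOW = 20  # characters searched on each side of a candidate (assumed value)


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: double every second digit from the right, sum, test mod 10."""
    if len(set(digits)) == 1:  # e.g. all zeros passes the sum but is not a PAN
        return False
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask(digits: str) -> str:
    """Keep first six and last four digits so findings never store the full PAN."""
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]


def find_pans(text: str) -> list:
    """Return Luhn-valid candidates; a nearby indicator raises confidence."""
    hits = []
    for m in CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if not luhn_ok(digits):
            continue  # random digit runs (order IDs, tracking refs) mostly stop here
        context = text[max(0, m.start() - WINDOW): m.end() + WINDOW]
        confidence = "high" if KEYWORDS.search(context) else "low"
        hits.append({"pan": mask(digits), "confidence": confidence})
    return hits


# Constructed sample message body (test numbers only, no real cardholder data).
SAMPLE = (
    "Order 1234567890123456 shipped Monday.\n"        # 16 digits, fails Luhn
    "Please charge VISA 4111 1111 1111 1111 today.\n"  # Luhn-valid, indicator nearby
    "Tracking ref 4012888888881881 for the pallet.\n"  # Luhn-valid, no indicator
)

if __name__ == "__main__":
    for hit in find_pans(SAMPLE):
        print(hit)
```

Roughly one in ten random digit strings passes Luhn by chance, which is why the third sample line is reported only at low confidence until an indicator appears near it.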