Мэдээ мэдээлэл

Data safety for everyone

October 7, 2019

It is natural for data safety to become an issue that is discussed worldwide due to recent technological developments. The data should keep the original meaning while being transmitted between individuals and organizations. How valuable is e-data? How important is it that data is valued accurately? Accurate transmission of data and data safety ensure steady business operation of organizations and individuals and secure their confidential data. Thanks to information technology’s advancement, our business tasks got easier to do with using smart phone, computer, tablet, networks and Internet connection. However, how do we protect our information? World’s leading nations, United States of America, Federal Republic of Germany and England, mainly focus on data safety and accurate transmission of data. Even though these nations heavily invest in these matters, they have acknowledged that it is impossible to completely eliminate the risk of information leakage. Therefore, they started to focus more on improving the situation and trying to perfect it. Let us introduce you a standardization that is highly significant to secure the safety of our financial and everyday information. What is PCI DSS? PCI DSS stands for Payment Card Industry Data Security Standard. This standard was initiated and created by the five most prominent payment card issuers Visa, MasterCard, American Express, Discover and JCB in September of 2006. The first version of the standard PCI DSS 1.1 mainly aimed to ensure the data safety of customers and card owners, protect data and improve data security. Today, this standard has got various versions and developed to become a set of standards that aim to create a reliable environment for payment card data security management, policy, operation, network architecture, programming, credit and debit card data processing, transmitting, saving and confirming. The organizations which aim to enforce this standard should meet the following requirements. 1. Installing Firewall and fully adjusting the settings to protect card owner’s data 2. Not using system password and original data of other safety parameters provided by manufacturer 3. Protecting card owner’s data 4. Transmitting card owner data in public networks and implementing vulnerability management program 5.  Regularly updating antivirus programs 6. Creating and preserving safe system and its usage; executing access control measures 7. Limiting business need to access into card owner data. 8. Making particular IDs for every individual accessing the computer 9. Limiting physical accesses to card owner data; appropriately managing and monitoring the network/system 10. Monitoring accesses to network backup data and card owner data 11. Regularly inspecting the security system and its process; Creating and implementing information safety policy 12. What advantages does implementing information safety policy have on your business? It protects your card owner data, digital information, and transaction information from hackers and lowers the risk of information leakage. Customer’s information confidentiality and safety is fully guaranteed by controlling and limiting access to information source and monitoring its process. In Mongolia, several commercial banks, fulfilling above requirements, have enforced this standard to protect financial and general information of their customers. Our company, iTools JSC, is working to apply this standard in information technology sector, especially in data center operation. A major risk of customer’s financial data leakage is eliminated by enforcing world-class standard PCI DSS in data center network and information safety procedures. This means iTools JSC’s information safety will be acknowledged to have world-class standards, and our customers will be able to suggest domestic and foreign online payment options and issue a payment card. “Trust Wave” company’s international expert Mr. Vincent and “ITools” JSC’s technology and development department.