Presenter Photo

PCI-DSS specifies a set of best practices for protecting cardholder data that is collected by merchants. For many organizations, the keys to that data are controlled within their Active Directory infrastructure, and herein lies the seeds for success or failure during a PCI audit.

In this session, join Microsoft MVP, Darren Mar-Elia where he will discuss best practices for ensuring that access to PCI-related data is well protected and well-audited. He'll also touch on:

  • Ensuring you have good processes for granting access in Active Directory, to PCI data on a "need-to-know" basis
  • Ensuring you have good methods for auditing who has such access
  • Developing processes for reacting to those audits, using the power of Active Directory to grant or revoke access as needed

Join Darren and Brian Piirala from BeyondTrust as they explore PCI compliance and how third-party auditing solutions can help simplify the process of proving compliance.