When the PCI Council released its "Information Supplement: PCI DSS Tokenization Guidelines" last August, it was generally regarded as incomplete - a good introduction to the technology for merchants, perhaps, but lacking in key implementation specifics for Qualified Security Assessors (QSAs). Thankfully, someone stepped in: Adrian Lane, senior analyst for information security research and advisory firm Securosis.
On Wednesday, Feb. 29 from 2:00 - 3:00 pm, Adrian Lane will be in Liaison Technologies' booth 733 to hand out free copies of his white paper, "Tokenization Guidance: How to Reduce PCI Compliance Costs," and answer questions.
The Securosis paper fills in the gaps left by the PCI Council's Information Supplement by explaining exactly how to implement tokenization to meet PCI DSS compliance, reduce scope and lower compliance costs. The paper is the product of hundreds of hours of research and interviews with nearly a hundred merchants, payment processors, tokenization vendors and QSAs. Lane draws on this research to provide answers to the most commonly asked questions on tokenization readers have after reviewing the PCI Council's tokenization guidelines, providing sound and practical guidance in no-nonsense language. He also offers advice to internal auditors going through a self-assessment questionnaire, as well as to external auditors, and includes a comprehensive tokenization audit checklist.
About Adrian Lane, Analyst & CTO, Securosis
Lane is a security strategist with over 22 years of industry experience, specializing in database security, data security and software development. He brings a pragmatic perspective to selecting and deploying technologies, having worked on "the other side" as CIO in the finance vertical.
Liaison Technologies is a global integration and data management company providing unique and high-value solutions to securely move, transform and manage business information on-premise or in the cloud. With a comprehensive array of business-to-business and application-to-application integration and data transformation services, Liaison's practitioners implement data management infrastructures adapted to specific business requirements. Headquartered in Atlanta, Liaison has offices in the Netherlands, Finland, Sweden and the United Kingdom. For more information, visit www.liaison.com.