Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Textbook vendor automates encryption key management

Thales : 19 August, 2009  (Application Story)
Thales has assisted Follett Higher Education Group to automate its encryption key management processes and become PCI DSS compliant
Thales announces that Follett Higher Education Group has selected its encryption and key management solutions. As a result Follett has eliminated time-consuming manual processes for managing encryption keys - a key requirement for compliance under the Payment Card Industry Data Security Standard (PCI DSS).

Follett Higher Education Group sells more than 23 million textbooks annually in stores and online, and operates more than 700 campus bookstores for colleges and universities across the United States. For every transaction the company protects its customers' personal data from breaches, complying with PCI DSS. Prior to selecting the Thales solution Follett security administrators manually replaced or rotated old encryption keys by hand in order to fulfill one of the PCI DSS requirements.

By installing Thales hardware security modules (HSMs) from the nCipher product line, Follett has substituted time consuming and unreliable manual processes with an automated key management, storage and generation process. Thales HSMs are deployed on a server and safely distribute encryption keys to Follett's e-commerce and point of sale systems. As a result Follett can rotate encryption keys in a fraction of the time compared with the manual process. Thales HSMs also store the encryption keys in hardware, a best practice for protecting encryption keys.

"With Thales HSMs, we can easily protect, manage, and rotate encryption keys, enabling PCI DSS compliance without the need for expensive manual controls," said Irwin Gafen, Follett's director of wholesale and distribution systems. "Our keys are safe from internal and external tampering, safeguarding our encrypted data against theft or manipulation. Our customers' personal data is protected and we are protected from the potentially high costs of compromised data."

After evaluating a number of competitive solutions on the market, Follett selected Thales HSMs based on the solution's flexibility and ease-of-use. Follett also capitalized on Thales's professional services team, which reviewed the company's security procedures, policies, and systems. The team then developed an implementation plan that fully supported Follett's needs and continued PCI DSS compliance.

"The increasingly high standards of regulation and industry best practices require organizations to better protect sensitive data such as customer details and credit card account information, and encryption has emerged as the preferred method for achieving this", says Serge Dujardin, Vice President Sales for the information systems security activities of Thales. "The Thales nCipher product line delivers a versatile platform that allows companies of all sizes to securely and cost-effectively protect their data and comply with PCI DSS requirements. We are delighted that Follett have chosen Thales HSMs to protect their sensitive customer data."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo