Today, both government and industry must comply with regulations designed to safeguard the confidentiality, integrity, and availability of electronic data from security breaches. Securing data is more than just good practice. For many industries, it's the law.
SAINT Customer Compliance –
SAINT® vulnerability assessments help government agencies and businesses safeguard information and comply with regulations. Network scans and penetration tests keep administrators and executives aware of threats to their systems. SAINT's easy-to-read reports provide a simple way to assess, rank, and prioritize the threats. SAINT's reports document network security efforts and demonstrate compliance with privacy laws and industry regulations.
SAINT® is helping both government and commercial organizations comply with the following laws and regulations:
- Payment Card Industry (PCI) Data Security Standard (DSS) for Merchants –
SAINT is an approved scanning vendor (ASV) for the PCI DSS. All merchants who accept payment cards (including online, mail, and phone orders) need to comply with the PCI DSS. The PCI DSS was developed as a guideline to help merchants prevent credit card fraud, hacking, and other security threats.
PCI requires BOTH vulnerability assessment and penetration testing. SAINT provides integrated vulnerability assessment plus penetration testing, making it the ideal solution for PCI compliance.
- Government –
The Federal Information Security Management Act of 2002 (FISMA) requires federal agencies to provide information security for their information technology assets.
- Public Companies –
The Sarbanes-Oxley Act (SOX) of 2002 requires companies to implement controls to safeguard financial data.
- Healthcare –
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulates the security and privacy of patient records and other health information.
- Financial Institutions –
The Gramm-Leach-Bliley Act (GLBA) requires IT controls to keep customer financial information private and confidential.
- Companies with general-audience Web sites –
The Children's Online Privacy Protection Act (COPPA) requires companies that collect data from children to implement safeguards.

