BEDFORD, Mass.— RSA, The Security Division of EMC (NYSE: EMC), today announced that its Payment Card Industry Data Security Standard (PCI DSS) Solution portfolio - a suite of products and services that help enable customers to answer the most challenging IT security technology challenges associated with the PCI DSS - is now available in Latin America and the Caribbean. As deadlines for merchants in Latin America to achieve compliance near, RSA's solutions will help businesses discover, secure and control access to cardholder data - and ease the process of proving PCI DSS compliance. RSA has also launched its first Latin American web sites for Argentina, Brazil, Colombia and Mexico, which also provide educational tools and content associated with the PCI DSS, in Portuguese or Spanish.

The PCI Data Security Standard is a framework of best practice requirements for all organizations that store, process or transmit cardholder data. Developed by the major payment card brands, the PCI DSS is global in scope and applicable to business of all sizes - online and offline. The standard covers a wide range of best practices, such as IT security policy, data encryption, user authentication, physical and logical access control, logging and reporting, application security and perimeter IT controls.

"Companies in Latin America and the Caribbean handling cardholder data now face tighter requirements for ensuring the security of that information. The challenges are significant - companies must understand where card data resides throughout the organization and use best practices to ensure this data - and access to it - is secure. Companies must also prove that they've taken the precautions outlined in the standard, and that they're actively monitoring for unauthorized access," said Jim Melvin, vice president, Marketing at RSA, The Security Division of EMC.

"We have been a partner with RSA for over five years, and are excited to be collaborating with RSA to extend the reach of their RSA PCI Solution portfolio within the Latin American region," said Massilon Araujo, Unicert Brasil, an information security company serving all of Latin America. "Unicert has had significant experience in providing consulting and integration services for enterprises looking to be compliant with PCI DSS in the region, and with RSA we can help merchants, banks and others to better protect their customers' credit card data".

About the RSA PCI Solution

To help address the requirements, the RSA PCI Solution encompasses a range of IT security technologies and services that answer key customer questions:

• Where is all of my company's stored cardholder data?
• How do I ensure that data is secure?
• How do I streamline compliance and position my business for growth - rather than react to audits?

Key Details

• PCI DSS Pre-Assessment & Gap Analysis professional services offerings that help customers understand their current PCI posture and develop a remediation roadmap prior to undergoing a formal PCI audit.
• Tablus Content Sentinel is designed to enable organizations to discover key cardholder data across thousands of laptops, desktops and servers in large corporate environments. With Tablus Content Sentinel, organizations can scan thousands of computers simultaneously, helping to eliminate network impact and cutting scan time from months to hours - all while delivering the highest levels of precision detection.

Securing Credit Card Data

Products and Solutions

• RSA® Access Manager software is engineered to provide the ability to control access to Web-based resources and enforce centralized user policies across the organization
• RSA® Database Security Manager is built to enable customers to encrypt information at the database level, and enforce role-based access control
• RSA® File Security Manager is designed to offer customers the ability to protect credit card data maintained in files on desktops, laptops and servers against internal and external attacks, and enforce role-based access control
• RSA® Key Manager is engineered to be an enterprise-wide key management offering that helps organizations to manage encryption keys generated by disparate enterprise applications, and allows corporate software developers to integrate security easily into their applications based on established security policies
• RSA SecurID® two-factor authentication technology is built to provide a proven means of ensuring the identity of users accessing critical resources, including cardholder data

Services

• Design and Implementation for Storage Encryption service helps customers determine appropriate disk or storage encryption solutions, and integrates them into customer environments
• Information Security Policy professional service offerings help customers evaluate and develop policies and processes for developing and improving their information security programs

Streamlining Compliance and Ensuring Sustained Controls

For more information:

RSA websites for Argentina, Brazil, Columbia and Mexico which provide educational tools and content associated with the PCI data security standard, in Portuguese and Spanish:

• RSA Argentina (http://argentina.rsa.com/)
• PCI DSS Resources: http://argentina.rsa.com/pcidocs
• RSA Brazil (http://brazil.rsa.com/)
• PCI DSS Resources: http://brazil.rsa.com/pcidocs
• RSA Colombia (http://colombia.rsa.com/)
• PCI DSS Resources: http://colombia.rsa.com/pcidocs
• RSA Mexico (http://mexico.rsa.com/)
• PCI DSS Resources: http://mexico.rsa.com/pcidocs

About RSA

RSA offers industry-leading solutions in identity assurance & access control, encryption & key management, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.