New Level 2 Merchant PCI Packages from RSA Offer Immediate, Actionable Solutions to Meet End-of-Year Deadlines

BEDFORD, Mass., Oct 07, 2008 /PRNewswire via COMTEX News Network/ -- RSA, The Security Division of EMC
(NYSE: EMC), today announced two packages of information security products
designed to help Level 2 Merchants address their immediate challenges
associated with Payment Card Industry (PCI) Data Security Standard (DSS)
compliance.

Visa USA and MasterCard define Level 2 Merchants as any business annually
processing between 1,000,000 to 6,000,000 credit card transactions, regardless
of acceptance channel, per year.

The RSA packages are designed to allow Level 2 Merchants to apply a set of
enterprise-quality solutions -- including data discovery, encryption, role-
based access control, strong authentication, security information & event
management and compliance reporting -- to their toughest PCI challenges. One
package contains strong authentication, security information & event
management and encryption solutions, while the second package contains strong
authentication and security information & event management offerings. These
technologies can be used to help merchants comply with PCI requirements 3, 7,
8 and 10, while also helping organizations to actively demonstrate this
compliance. The need for a packaged set of PCI solutions for Level 2
businesses was identified in a whitepaper recently commissioned by RSA,
highlighting original research by analyst firm Enterprise Management
Associates into the challenges that Level 2 businesses face with respect to
PCI DSS compliance.

"With its introduction of PCI packages for Level 2 businesses, RSA, The
Security Division of EMC, is bringing to market a set of actionable PCI
solutions for this class of organization," said Scott Crawford, Research
Director of Enterprise Management Associates. "Leveraging its thought
leadership in encryption, strong authentication, role-based access control and
security information and event management, RSA's PCI packages put enterprise-
grade tools within the reach of the Level 2 business."

All MasterCard(1) and 282 of Visa's(2) Level 2 Merchants are required to
validate PCI compliance prior to December 31, 2008. Due to the repercussions
associated with failing to comply, including increased fees, fines and
ultimately losing the right to accept credit cards, today's businesses face
unprecedented levels of accountability for securing cardholder data.

"Customers have made it clear that while progress has been made with
respect to cardholder data security, initially demonstrating and maintaining
PCI compliance remains one of the broadest and most complex challenges faced
by businesses, payment processors and banks of all sizes," said Steve Preston,
Senior Director, Solutions Marketing at RSA, The Security Division of EMC.
"This challenge is particularly significant for the Level 2 Merchants facing
compliance deadlines on December 31, 2008. By delivering inclusive security
packages specifically designed for Level 2 businesses, we can help our
customers get closer to where they need to be by year-end."

RSA's PCI Packages for Level 2 Businesses

These two distinct PCI packages offer actionable, enterprise-class
security products to Level 2 Merchants facing immediate challenges associated
with PCI DSS compliance. Complemented with installation services, the
individual components are available in easy-to-deploy form factors and are
also highly scalable - allowing for future expansion and the ability to
address additional security and compliance initiatives.

Individual components include:

Strong Authentication: RSA SecurID(R) 25-User Hardware Appliance Bundle

To help organizations address PCI DSS requirement 8, which calls for
strong authentication, the RSA PCI packages include a 25-user RSA SecurID
appliance bundle, which contains a hardware appliance, hardened operating
system, RSA(R) Authentication Manager software, hardware support, cabling,
documentation, and 25 RSA SecurID 700 tokens.

Security Information and Event Management: The RSA enVision(R) platform

To help businesses track and monitor access as mandated in PCI DSS
Requirement 10, RSA's PCI packages include an RSA enVision appliance capable
of handling 2,500 sustained events per second. An additional design and
implementation service for the RSA enVision solution complements the packages.

Data Protection Option: RSA(R) File Security Manager

To address PCI DSS Requirement 3, which details data protection best
practices, one version of the RSA PCI packages contains RSA File Security
Manager. This option is designed to enable the transparent encryption of both
production and non-production files and folders for Windows(R) based systems.

Data Discovery Option: RSA(R) DLP RiskAdvisor Service (Optional Addition)

Securing credit card data as required by the PCI DSS is impossible without
finding the data first. The RSADLP RiskAdvisor Service is an optional
addition to the PCI packages and is engineered to help businesses determine
where cardholder data resides across endpoints and within data centers.

While the offerings in the RSA PCI packages are configured to help Level 2
businesses tackle their immediate PCI challenges, these technologies can be
expanded over time to address future additional security and compliance
initiatives. Additional information on how to do this can be found at
www.rsa.com/pci

About RSA

RSA, The Security Division of EMC, is the premier provider of security
solutions for business acceleration, helping the world's leading organizations
succeed by solving their most complex and sensitive security challenges. RSA's
information-centric approach to security guards the integrity and
confidentiality of information throughout its lifecycle - no matter where it
moves, who accesses it or how it is used.

RSA offers industry-leading solutions in identity assurance & access
control, data loss prevention, encryption & key management, compliance &
security information management and fraud protection. These solutions bring
trust to millions of user identities, the transactions that they perform, and
the data that is generated. For more information, please visit www.RSA.com and
www.EMC.com.

RSA, SecurID and enVision are registered trademarks and/or trademarks of
RSA Security Inc. in the U.S. and/or other countries. EMC is a registered
trademark of EMC Corporation. Microsoft and Windows are either registered
trademarks or trademarks of Microsoft Corporation in the United States and/or
other countries. All other products and/or services mentioned are trademarks
of their respective companies.

(1) http://www.mastercard.com/us/sdp/merchants/merchant_levels.html

(2) http://usa.visa.com/download/merchants/cisp_pcidss_compliancestats.pdf

SOURCE EMC Corporation

http://www.emc.com

Copyright (C) 2008 PR Newswire. All rights reserved