Moscow Industrial Bank confirms the compliance to requirements of the international standard of security

The Nvision Group company completed certification audit of payment system JSC Moscow Industrial Bank on compliance to the standard of security of PCI DSS 2.0.

Background

"In 2011 our bank for the first time received the status PCI DSS compliance v1.2.1, – Alexey Samokhin, the head of department of data protection of MINB explained. – This year we decided "raise a bar" and carry out the certified assessment on compliance of version 2.0 of this standard". Carrying out audit the bank entrusted NVision Group.

Solution

Specialists of NVision Group within one and a half months checked the level of information system protection of bank on the following fields of control:

• creation and support of the protected network;
• regular monitoring and testing of network;
• support of information security policies;
• implementation of measures for strict access control;
• support of a management system for vulnerabilities and data protection of holders of cards.

Result

By testing it is defined that Moscow Industrial Bank meets all requirements of international payment systems for information security support, including when carrying out Internet transactions.

Opinion

"The task of experts of NVision Group with whom we cooperate on a miscellaneous to cybersecurity projects long ago and fruitfully was complicated by the fact that at the same time other team of auditors checked compliance of the systems of bank to the domestic standard – service station of BR IBBS-1.0-2010 (the 4th level of compliance is received). Thanks to careful and laborious joint work of our "IT specialists" and the invited specialists we successfully passed all tests that speaks about high professionalism of all participants", – Alexey Matreshin, the vice president of MINB emphasizes.

Briefly about a subject

Payment Card Industry Data Security Standard (PCI DSS) is the information security standard of the industry of payment cards developed by Council for the standards of security of the industry of payment cards (Payment Card Industry Security Standards Council, PCI SSC) founded by international payment systems of Visa, MasterCard, American Express, JCB and Discover.

The standard represents set of 12 detailed safety requirements of the payment cards given about holders which are transferred, stored and processed in information infrastructures of the organizations.