Dimension Data, the US$6 billion global ICT solutions and services provider, has announced today that it has been selected by Thailand’s Krungthai Card Public Co Ltd (KTC) to deploy the Payment Card Industry Data Security Standard (PCI DSS). This development will enable KTC’s operations to comply with more stringent security requirements and protect its growing consumer customer base.
Incorporated in 1996 as a then-subsidiary of the Krungthai Bank, KTC is now a leading consumer finance provider with more than 2.2 million accounts. Dimension Data was appointed to implement PCI DSS to ensure that KTC’s Centralize Log Management complies with regulatory security standards.
Dimension Data used the PCI module of Nasdaq-listed Splunk software which it resells to cover five key areas of security compliance: network, endpoint, access control, cardholders’ data, and the monitoring and testing of applications.
San Francisco-based Splunk is a leading provider of software designed to turn machine data into valuable insights for real-time operational intelligence. In the area of security and compliance, Splunk software enables real-time security monitoring, historical analysis and visualisation of massive data sets to provide security intelligence for both known and unknown threats.
The PCI solution will be able to collect and consolidate logs from various devices and servers, including real-time capturing of log-ins of applications. Dimension Data will customise a dashboard for KTC’s Centralize Log Management so that it can generate standard and ad-hoc reports from all logs, conduct audit trails and analyse machine data from one place to generate insights.
“Our business is based on trust. To keep building that with our growing 2.2 million accounts, we need a strong partner that has the proven track record to enable the company to comply with the stringent security requirements of the PCI data security standard,” said Danai Chudthong, IT infrastructure and Network Management manager at Krungthai Public Card. “Dimension Data has proven to be that partner. They listened to our requirements, offered insightful consultancy and recommended the best value solution to help us meet the compliance requirements to protect our growing customer base.”
PCI DSS has a comprehensive set of security requirements, many of which are stipulated by regulatory and governance organisations, to deal with major security IT issues. It is important to understand them and develop a roadmap of targets and goals to build a secure IT infrastructure for a business.
“Dimension Data understands PCI DSS requirements and how to get clients’ business operations to meet the compliance criteria set out by the standard,” said Sutas Kongdumrongkiat, Managing Director at Dimension Data Thailand. “This three-year PCI DSS project with Krungthai Card will further extend our track record and experience, and put us in a position to help other clients seeking to do the same in their operations.”