Remove credit card numbers on employee devices and servers

One of the biggest risks to PCI compliance is cardholder information that exists outside the organization’s controlled database environment. When credit card numbers are extracted from a database and stored as unstructured data—in files on employee devices and file servers—they pose a significant threat.

Most organizations have no visibility into the data stored in files by their employees, leaving compliance and risk managers unable to control spreadsheets, documents, and other files containing credit card numbers. These files can lead to failed audits and data breaches, especially when files are copied to cloud folders or other inappropriate locations.

Automated Redaction for PCI Data

With PKWARE's data redaction technology, your organization can permanently remove credit card numbers as soon as they appear in files on employee computers, file servers, and in other locations.

Automated redaction ensures that account information cannot be shared or stored in unauthorized locations. It also means that cardholder data will not be exposed in the event of a computer theft, misuse of employee credentials, or other security event.

Real-Time Policy Enforcement

Global banks and other organizations use PKWARE’s redaction solution to remove credit card number from files on employee laptops and desktops.

PKWARE’s automated technology removes sensitive data from inappropriate locations, and eliminates manual processes that can expose an organization to compliance failures and other risks. Organizations can remediate sensitive data as soon as it appears, and can also remove credit card numbers from legacy data, taking terabytes of stored data out of PCI scope.

Here’s how it works.

  1. Using PKWARE’s intuitive control panel, administrators apply data redaction rules to user devices and file servers where credit card numbers may be saved inappropriately. Administrators can use PKWARE’s pre-configured definitions of PCI data, or create their own definition of data types that require redaction.

  2. PKWARE’s automated technology monitors file activity and scans new or modified files to determine whether they contain PCI data.

  3. When a user enters or imports credit card numbers into a file...
    Unredacted Data Screenshot

  4. The middle six digits of each number are automatically redacted, while other file contents remain unchanged.
    Unredacted Data Screenshot

  5. Unlike tokenization, data redaction cannot be undone, so files containing redacted data can be taken out of PCI compliance scope, no matter how many times the files are copied or shared.


Solution Sheet

A printable summary of PKWARE's automated data redaction solution for PCI DSS.

Download PDF

Whitepaper

PCI Compliance and Unstructured Data

Download PDF

Case Study

See how a global bank is using PKWARE to ensure PCI compliance.

Download PDF

Benefits

  • Simplify PCI DSS compliance and reporting
  • Reduce the risk of PCI violations and sanctions
  • Protect cardholder data against accidental loss or theft