Follett Higher Education Group Selects Thales HSMs to Assist with PCI DSS Compliance

New Encryption and Key Management Approach Automates Manual Processes

Stoneham, MA – 18 August 2009: Thales, leader in information systems and communications security, announces that Follett Higher Education Group has selected its encryption and key management solutions. As a result Follett has eliminated time-consuming manual processes for managing encryption keys – a key requirement for compliance under the Payment Card Industry Data Security Standard (PCI DSS).




Follett Higher Education Group sells more than 23 million textbooks annually in stores and online, and operates more than 700 campus bookstores for colleges and universities across the United States. For every transaction the company protects its customers’ personal data from breaches, complying with PCI DSS. Prior to selecting the Thales solution Follett security administrators manually replaced or rotated old encryption keys by hand in order to fulfill one of the PCI DSS requirements.

By installing Thales hardware security modules (HSMs) from the nCipher product line, Follett has substituted time consuming and unreliable manual processes with an automated key management, storage and generation process. Thales HSMs are deployed on a server and safely distribute encryption keys to Follett’s e-commerce and point of sale systems. As a result Follett can rotate encryption keys in a fraction of the time compared with the manual process. Thales HSMs also store the encryption keys in hardware, a best practice for protecting encryption keys.

“With Thales HSMs, we can easily protect, manage, and rotate encryption keys, enabling PCI DSS compliance without the need for expensive manual controls,” said Irwin Gafen, Follett’s director of wholesale and distribution systems. “Our keys are safe from internal and external tampering, safeguarding our encrypted data against theft or manipulation. Our customers’ personal data is protected and we are protected from the potentially high costs of compromised data.”

After evaluating a number of competitive solutions on the market, Follett selected Thales HSMs based on the solution’s flexibility and ease-of-use. Follett also capitalized on Thales’s professional services team, which reviewed the company’s security procedures, policies, and systems. The team then developed an implementation plan that fully supported Follett’s needs and continued PCI DSS compliance.

“The increasingly high standards of regulation and industry best practices require organizations to better protect sensitive data such as customer details and credit card account information, and encryption has emerged as the preferred method for achieving this”, says Serge Dujardin, Vice President Sales for the information systems security activities of Thales. “The Thales nCipher product line delivers a versatile platform that allows companies of all sizes to securely and cost-effectively protect their data and comply with PCI DSS requirements. We are delighted that Follett have chosen Thales HSMs to protect their sensitive customer data.”

About Follett Higher Education Group (www.fheg.follett.com)
Follett Higher Education Group of Oak Brook, Illinois, is the leading provider of bookstore services and the foremost supplier of used books in North America. Follett services five million students and over 400,000 faculty members through more than 700 stores. Follett also services more than 1,600 independent campus stores with its wholesale services, and has the most visited ecommerce collegiate website, efollett.com, that provides services and products through a network of more than 900 campus stores.

Notes to editor
Thales is one of the world leaders in the provision of Information and Communication Systems Security solutions for government, defense, critical infrastructure operators, enterprises and the finance industry. Thales’s unique position in the market is due to its end-to-end security offering spanning the entire value chain in the security domain. The comprehensive offering includes architecture design, security and encryption product development, evaluation and certification preparation and through-life management services.

Thales has forty years of unrivalled track record in protecting information from Sensitive But Unclassified up to Top Secret and a comprehensive portfolio of security products and services, which includes network security products, application security products and secured telephony products.

About Thales
Thales is a global technology leader for the Aerospace, Space, Defence, Security and Transportation markets. In 2008, the company generated revenues of 12.7 billion euros with 68,000 employees in 50 countries. With its 25,000 engineers and researchers, Thales has a unique capability to design, develop and deploy equipment, systems and services that meet the most complex security requirements. Thales has an exceptional international footprint, with operations around the world working with customers as local partners. www.thalesgroup.com
Contacts:

Hotwire

Press Agency

Alexia Ward/Sole Chirco

Tel. +44 (0) 207 608 2500

thales@hotwirepr.com



Liz Harris    

Thales     

+44 (0)1223 723612     

liz.harris@thales-esecurity.com





Reblog this post [with Zemanta]

Posted by John B. Frank Tuesday, August 18, 2009

0 comments

Payments Industry News Blog

Search the PIN Debit Blog by Subject

Kapersky Calls for Mass Adoption of Card Readers

Kapersky Calls for Mass Adoption of Card Readers