Government Technology
Digital Communities: city, county and regional technology news

State of Michigan Meets Payment Card Security Standards

my GT

Print
Comment

May 6, 2008, News Report

Found in: Security

Photo: Michigan CIO Ken Theis

Michigan government has certified that it is compliant with the Payment Card Industry's (PCI) strict standards for ensuring that cardholder information is protected and secure.

"This is a monumental accomplishment for the State of Michigan," said Ken Theis, director of the Michigan Department of Information Technology (MDIT) and CIO for the state of Michigan. "The fact that Michigan was able to gain compliance shows the commitment we have to ensuring that our citizens are safe and secure when sharing their payment card information with the state."

The PCI Data Security Standards apply to financial institutions, Internet vendors and retail merchants that detail the security measures and auditing procedures required to protect private cardholder information during payment card transactions. All major card brands require these Data Security Standards to assure the protection of cardholder data gathered during transactions.

"Becoming compliant with the Payment Card Industry's strict security standards is no small feat," added State Treasurer Robert Kleine. "I am extremely proud of what we have done to get to this point, proud of our partnership with MDIT, and proud that we are living up to the trust that our citizens place in the hands of their government."

Michigan used the "digital dozen" to become PCI compliant, which included:

  • Installing and maintaining a firewall configuration to protect cardholder data
  • Not using vendor-supplied defaults for system passwords
  • Protecting stored cardholder data
  • Encrypting transmission of data across open/public networks
  • Using and updating anti-virus software
  • Developing and maintaining secure systems and applications
  • Restricting access to cardholder data to the need-to-know business
  • Assigning a unique ID to each person with computer access
  • Restricting physical access cardholder data
  • Tracking and monitoring access to network resources
  • Regularly testing security systems and processes
  • Maintaining a policy focused on information security.

Latest News in Security

View All Security

Latest Government Technology News

View All Government Technology News

Industry Solutions for Government

Read real world deployments of technology in government from our sponsors.

View All Industry Solutions
Exclusive white papers, best practices
and presentations. Registration required.

Highlights

  • Digital Cities Winners Showcase I-Seminar

    The original event was broadcast on: Wednesday, March 26, 2008 - Duration: 60-minutes

  • Special Report: A Foundation for the Future of Local Government
    In fiscal 2008, governors' budget proposals show a lower expected growth rate of just 4.2 percent, with expenditures expected to total $642 billion. Pressures will likely increase in health care, criminal justice, employee benefits and pensions, and physical infrastructure -- in part to make up for the lingering effects of cuts made in previous years. Even so, demand for digital infrastructure is increasing.
  • Why Mobile Device Management is Critical to IT
    Learn more about how IT organizations can manage mobile devices as corporate assets, and safeguard the corporate data that is accessed on them.