Heartland Payment Systems Case Study

1566 Words7 Pages
Heartland Payment Systems is a Global Payments company. Global Payments Inc. (NYSE: GPN) is a leading worldwide provider of payment technology services that delivers innovative solutions driven by customer needs globally. Our technologies, partnerships and employee expertise enable us to provide a broad range of products and services that allow our customers to accept all payment types across a variety of distribution channels in many markets around the world.
Headquartered in Atlanta, Georgia with more than 8,500 employees worldwide, Global Payments is a member of the S&P 500 with merchants and partners in 29 countries throughout North America, Europe,
…show more content…
The company manufactures more than 11 million transactions per day and more than $80 billion in transactions in one year, making it the fifth-largest payment processor in the U.S. and 9th in the world. From the beginning, its business model has been to hire leading-edge technology and economies of scale to deliver its clients money on every transaction. Even though assessed as in aggrement with the Payment Card Industry Data Security Standard and employing multiple layers of security to protect cardholder data, Heartland even suffered a costly data breach in 2008. The episode eagered Heartland to conduct an internal and industry-wide determination of payment card security with the goal of providing the most secure and trusted services for Merchants and clients. Like many card processors and large retail companies, Heartland performs credit card processing according to industry best practices. When the breach took place, Heartland was using several specific products to encrypt “data at-rest”. One of the messages learned was that protection of a whole database or a zone within the processing environment still leaves points of vulnerability or “air gaps” for cyber criminals to accomplishment. If data leaves a database in clear text as it travels to a designated application,…show more content…
This infrastructure, managed by the Financial Services Information Sharing and Analysis Center (FSISAC), allows for the publication of information about security threats to a full membership that includes not only banks but also a wide range of financial services providers. FSISAC lean on a foundation of public-private partnerships to promote the gathering of information about a range of security threats and disseminating that information surrounded by law constraint, government agencies, and FS-ISAC’s private-sector member firms. In partnership with the FS-ISAC, Heartland accompanied to establish the Payments Processing Information Sharing Council (PPISC) as a subgroup under the FS-ISAC umbrella. Following an organizational assemblage held in association with the FS-ISAC annual conference in May, response from the industry has been supportive and companies representing 85 percent of the industry’s processed merchant transactions have joined. Since the date of this workshop, the PPISC has formed a Steering Committee and choose Bob Carr as its chair. Two working groups has also formed among its members, a member-only portal on the FS-ISAC developed website, and helped structure a computer-based exercise involving data threats to be held in February 2010. At long last, it is emphasized that the objective of this

More about Heartland Payment Systems Case Study

Open Document