LONDON, January 28 /PRNewswire/ --

- Compliance Checker delivers immediate assessment against PCI DSS v1.2 as defined by PCI Security Standards Council

Vendorcom Cards Payments Conference -- Configuresoft, a leading enterprise server configuration management company, today announced the limited availability of Configuresoft Compliance Checker for PCI DSS v1.2, the industry's first-ever free downloadable utility that helps organizations validate IT infrastructure compliance with the just-released Payment Card Industry Data Security Standard (PCI DSS) v1.2.

Configuresoft announced Compliance Checker for PCI DSS v1.2 at the Vendorcom Cards Payments Conference 2009 in London as a must-have utility for delivering audit-quality reports that help organizations ensure the security and compliance of servers and desktops handling credit card data. Compliance Checker for PCI DSS v1.2 validates the security posture of each machine against the recommendations of PCI DSS v1.2 and identifies | non-compliant configurations. To help organizations prepare for a successful PCI audit, the utility also includes the ability to complete the appropriate self-assessment questionnaire (SAQ).

According to Avivah Litan, vice president and distinguished analyst with Gartner, Inc., PCI DSS has driven badly needed improvements in merchants' and other credit accepting enterprises' handling of customers' card data. Organizations should check that their environments are secure and compliant, and put in place steps to achieve continuous compliance, as protecting card holder data is a requirement before, during and long after an audit.

Many of the world's leading companies use Configuresoft solutions to maintain PCI DSS compliance. Its flagship Enterprise Configuration Manager (ECM) enables full visibility into IT infrastructure to help enterprises automate IT tasks to reduce errors, improve operational efficiency, manage virtual sprawl, and understand the impact of both planned and unplanned changes.

Given our PCI DSS audit needs and regulatory challenges, the ability to find a solution with deep security and compliance content was a critical factor in our decision to deploy Configuresoft's ECM, said Mark Pacetti, vice president of information systems, North America, at Tiger Direct. Configuresoft's ECM gives us the visibility into the compliance posture of our IT infrastructure against PCI DSS compliance to help us proactively detect and remediate violations before they impact our compliance.

Configuresoft's Compliance Checker for PCI DSS v1.2 is based upon the PCI DSS templates developed by Configuresoft's Center for Policy and Compliance (CPC). The utility is built upon the same successful platform of the previously released Compliance Checker for VMware ESX, which provides compliance checks against VMware hardening guidelines and Center for Internet Security (CIS) benchmarks for thousands of VMware customers.

With the number of significant data security breaches caused by inadequate security and compliance practices, there's no excuse for companies not to be proactive about assessing their environments. IT departments in companies that process payment card data need to understand the compliance posture of their IT infrastructure, said Dave Shackleford, chief security officer at Configuresoft. We invite every IT department that is processing credit card data to download the free Compliance Checker for PCI DSS v1.2 and assess the compliance posture of their systems that store, process, or transmit payment card data.

Our in-depth interviews with merchants, PCI assessors, acquiring banks, security technologists and service providers consistently indicate that achieving PCI leadership requires companies to go beyond just using PCI standards as a starting point, said Dave Taylor, Founder of the PCI Knowledge Base. They must also develop procedures and implement software tools to ensure that their environment remains compliant on a nearly continuous basis, not just at audit time. Utilities like Configuresoft Compliance Checker for PCI can help make it easier for IT organizations to assess and maintain an on-going program of PCI compliance.

The PCI Knowledge Base leadership report is available at

Compliance Checker for PCI DSS v1.2 is available for free download from Configuresoft at

About Configuresoft

Configuresoft, the world's leading enterprise configuration management provider, delivers automated and optimized Lean IT, secure and compliant Clean IT, and energy efficient Green IT to IT Operations. Hundreds of organizations, including 13 of the world's 25 largest companies, rely on Configuresoft to effectively and efficiently manage the complexity of today's physical and virtualized IT environments. Configuresoft's team of security and policy experts ensure continuous compliance with regulatory requirements such as Sarbanes-Oxley and industry standards such as PCI DSS and Microsoft and VMware Hardening Guides. To contact Configuresoft, please call +1-888-447-2220 or visit

Kristin Miller, +1-719-634-8292,, for Configuresoft