Companies have until September 30 to comply or otherwise face fines up to USD 500,000

London, UK, 29 May, 2007 – GFI Software, a leading developer of network security, content security and messaging software, has today launched a white paper to explain what the Payment Card Industry Data Security Standards (PCI DSS) are, how they affect different companies and the repercussions of non-compliance.

As from September 30, 2007 all businesses handling cardholder data – irrespective of size – have to be fully compliant with strict security standards drawn up by the world’s major credit card companies. The move to tighten up security comes as an increasing number of firms report that customer data has been lost or stolen.

Credit card fraud was the most common form of identity theft with 26% of all reported occurrences in 2005, with more than USD 48 billion lost by financial institutions and businesses in that year and USD 5 billion lost by individuals. The white paper examines the consequences of cardholder data theft and explains in detail what the PCI directive is, why it is important that companies comply with the these standards, the consequences of non-compliance and finally, what solutions are available to help companies become compliant.

The white paper also outlines how two of GFI’s leading network security products – GFI LANguard N.S.S., a complete vulnerability management solution, and GFI EventsManager, a powerful events log management solution – can help companies to meet all the ‘technical’ requirements imposed by the PCI DSS.

For more information on PCI DSS please visit http://www.gfi.com/security/pci.htm and to download a copy of the white paper, http://www.gfi.com/whitepapers/pci-dss-made-easy.pdf. For more information on GFI LANguard N.S.S. visit http://www.gfi.com/lannetscan/ and on GFI EventsManager visit: http://www.gfi.com/eventsmanager/.