Configuresoft Announces Industry`s First Free Utility to Help Ensure Payment Card Industry Data Security Standard v1.2 Compliance

Compliance Checker Delivers Immediate Assessment Against PCI DSS v1.2 as Defined
by PCI Security Standards Council
NEW YORK--(Business Wire)--
Configuresoft, a leading enterprise server configuration management company,
today announced the limited availability of Configuresoft Compliance Checker for
PCI DSS v1.2, the industry`s first-ever free downloadable utility that helps
organizations validate IT infrastructure compliance with the just-released
Payment Card Industry Data Security Standard (PCI DSS) v1.2. 

Configuresoft launched Compliance Checker for PCI DSS v1.2 at the National
Retail Federation`s 98th Annual Convention & Expo in New York as a must-have
utility for delivering audit-quality reports that help organizations ensure the
security and compliance of servers and desktops handling credit card data.
Compliance Checker for PCI DSS v1.2 validates the security posture of each
machine against the recommendations of PCI DSS v1.2 and identifies non-compliant
configurations. To help organizations prepare for a successful PCI audit, the
utility also includes the ability to complete the appropriate self-assessment
questionnaire (SAQ). 

According to Avivah Litan, vice president and distinguished analyst with
Gartner, Inc., "PCI DSS has driven badly needed improvements in merchants` and
other credit accepting enterprises` handling of customers` card data.
Organizations should check that their environments are secure and compliant, and
put in place steps to achieve continuous compliance, as protecting card holder
data is a requirement before, during and long after an audit." 

Many of the world`s leading companies use Configuresoft solutions to maintain
PCI-DSS compliance. Its flagship Enterprise Configuration Manager (ECM) enables
full visibility into IT infrastructure to help enterprises automate IT tasks to
reduce errors, improve operational efficiency, manage virtual sprawl, and
understand the impact of both planned and unplanned changes. 

"Given our PCI DSS audit needs and regulatory challenges, the ability to find a
solution with deep security and compliance content was a critical factor in our
decision to deploy Configuresoft`s ECM," said Mark Pacetti, vice president of
information systems, North America, at Tiger Direct. "Configuresoft`s ECM gives
us the visibility into the compliance posture of our IT infrastructure against
PCI DSS compliance to help us proactively detect and remediate violations before
they impact our compliance." 

Configuresoft`s Compliance Checker for PCI DSS v1.2 is based upon the PCI DSS
templates developed by Configuresoft`s Center for Policy and Compliance (CP&C).
The utility is built upon the same successful platform of the previously
released Compliance Checker for VMware ESX, which provides compliance checks
against VMware hardening guidelines and Center for Internet Security (CIS)
benchmarks for thousands of VMware customers. 

"With the number of significant data security breaches caused by inadequate
security and compliance practices, there`s no excuse for companies not to be
proactive about assessing their environments. IT departments in companies that
process payment card data need to understand the compliance posture of their IT
infrastructure," said Dave Shackleford, director of Configuresoft`s CP&C. "We
invite every IT department that is processing credit card data to download the
free Compliance Checker for PCI DSS v1.2 and assess the compliance posture of
their systems that store, process, or transmit payment card data." 

"Our in-depth interviews with merchants, PCI assessors, acquiring banks,
security technologists and service providers consistently indicate that
achieving PCI leadership requires companies to go beyond just using PCI
standards as a starting point," said Dave Taylor, Founder of the PCI Knowledge
Base. "They must also develop procedures and implement software tools to ensure
that their environment remains compliant on a nearly continuous basis, not just
at audit time. Utilities like Configuresoft Compliance Checker for PCI can help
make it easier for IT organizations to assess and maintain an on-going program
of PCI compliance." 

The PCI Knowledge Base leadership report is available at http://knowpci.com. 

Compliance Checker for PCI DSS v1.2 will be available for free download from
Configuresoft on January 19, 2009 at http://compliancechecker.configuresoft.com.


About Configuresoft

Configuresoft, the world`s leading enterprise configuration management provider,
delivers automated and optimized Lean IT, secure and compliant Clean IT, and
energy efficient Green IT to IT Operations. Hundreds of organizations, including
13 of the world`s 25 largest companies, rely on Configuresoft to effectively and
efficiently manage the complexity of today`s physical and virtualized IT
environments. Configuresoft`s team of security and policy experts ensure
continuous compliance with regulatory requirements such as Sarbanes-Oxley and
industry standards such as PCI DSS and Microsoft and VMware Hardening Guides. To
contact Configuresoft, please call (888) 447-2220 or visit
www.configuresoft.com. 





SS PR
Kristin Miller, 719-634-8292
kmiller@sspr.com

Copyright Business Wire 2009