eSEC for PCI

Overview

VigiTrust's eLearning solution eSEC for PCI, enables your organization to become fully compliant with the security awareness obligation of the PCI DSS. For a brief demo go to: eSEC Sampler

The PCI DSS states the following:

12.6: Implement a formal security awareness program to make all employees aware of the importance of cardholder data security.
  ► eSEC for PCI enables your organization to implement a security awareness program across the whole organization.

12.6.1: Educate employees upon hire and at least annually (for example, by letters, posters, memos, meetings, and promotions). 
  ► eSEC for PCI can be set up so that all new hires must complete its course before proceeding with any other IT activity.

12.6.2: Require employees to acknowledge in writing that they have read and understood the company’s security policy and procedures. 
  ► eSEC for PCI enables your organization to meet this requirement by forcing employees to read and accept the company's security policy. eSEC then allows the PM responsible for PCI DSS to control and monitor awareness levels by retaining accurate logs of personnel who have taken and successfully completed the course.

Centrally Managed Training

Not only does eSEC for PCI meet the security awareness obligation of the PCI DSS, it enables your organization to centrally manage its security awareness program.

Customizable Training

eSEC for PCI is the only fully customizable eLearning solution for PCI available on the market.

• Branding: eSEC for PCI can be customized with your organizations branding.
• Look and Feel: eSEC can be customized to have the same look and feel as your organizations existing eLearning  courses.
• Content: eSEC for PCI can have its content customized to suit your organizations particular training need. VigiTrust has a large library of training material available, and will work with your organization to create training which suits your target audience.
• Reuse pre-existing content: Where an organization has existing training material which it would like to re-use, VigiTrust will work to incorporate such material in that organizations implementation of eSEC for PCI.
   

Expertly Designed Training

• eSEC for PCI has been designed by security experts who have years of PCI experience. It contains best practice guidance based on these experts actual experience.
• eSEC for PCI is designed based on best practice for eLearning, with clearly defined goals & objectives for learners when studying on-line
• eSEC for PCI delivers the required training in a limited time, and can be undertaken at a time which suits both the student and the organization.
• eSEC for PCI is interactive, and engages the student throughout, in order to maximize retention.
• eSEC for PCI is specifically designed to have a greater user retention than traditional training, thus improving learning ROI per user.
• eSEC for PCI can be used as a collaboration and social networking platform for interaction between learners and instructors or between fellow users

Ease of Deployment

Enrollment: eSEC for PCI has several methods of user enrollment designed to suit your organizations environment:

• Self-enrollment
• LDAP, eSEC can be populated by means of LDAP integration.
• On-line enrollment via third party authentication mechanism.

Visibility:

• Administrators can see in student activity in real time, i.e. enrollment levels, completion rates and exam results.

Automatic Certification:

• Certificates are issued upon successful completion of the course and exam. In addition enhancing student satisfaction, certificates are logged so that in the event of a PCI audit your organization can prove who has taken and passed the PCI course.

Exam design

• Your organization can chose the pass mark for each exam. Exam questions can be selected from a library of questions.

Architecture

eSEC is available on a robust framework known as Moodle. Moodle is an open source online learning environment that enables organizations to provide students with access to learning and teaching content such as web pages, flash training modules as well as activities including exams and blogs.

eSEC is SCORM compliant and can be integrated with customers existing VLE (Virtual Learning Environment). It has been tested with key LMS Market leaders for security integration. VigiTrust resident SCORM experts can help you organixation integrste eSEC with your LMS environment, so that you can benefit from the features of eSEC within your organizations environment.

eSEC is also available as learning on demand  whereby eSEC out of the box content is hosted by VigiTrust and the LMS is provided to your organization through eSEC's interface. Most organizations however prefer to host eSEC on their existing LMS or on a dedicated server pre-built by VigiTrust to host eSEC within their infrastructure.

Technology

eSEC boasts native security features which enable master users:

• Access control features for managing student access.
• Secure remote administration.
• For compliance and governance purposes eSEC supports full reporting and traceability for each user role, including master user, administrator and student.
• Audit trail features. 
• Have granular user permission management
• Enable secure collaboration based messaging within its framework by providing collaborative forums protected by AV and Anti-Spam technology.

 
eSEC is also available for the following topics:

• Physical & People Security
• Data & IT Security
• Corporate Communications Tools - Security 101
• Business Continuity / Disaster Recovery
• Secure Printing & Dematerialization of Data

To Request more information go to request info

Contact VigiTrust