DIT - Michigan Government Earns Coveted 'PCI Compliance'

Michigan.gov Home	Home \| Contact Us \| Useful Links \| FAQ

About Us

Printer Friendly Text Only Version

Text Version

Share this link:

Michigan Government Earns Coveted 'PCI Compliance'

Date: May 6, 2008

Contact: Kurt Weiss, MDIT, (517) 335-0050

State of Michigan Meets Rigorous Payment Card Security Standards

Lansing , MI - Michigan citizens can breathe even easier when it comes to doing business with the State of Michigan by way of a payment card. Michigan government has certified that it is compliant with the Payment Card Industry’s (PCI) strict standards for ensuring that cardholder information is protected and secure.

“This is a monumental accomplishment for the State of Michigan ,” said Ken Theis, Director of the Michigan Department of Information Technology (MDIT) and CIO for the State of Michigan . “The fact that Michigan was able to gain compliance shows the commitment we have to ensuring that our citizens are safe and secure when sharing their payment card information with the state.”

The PCI Data Security Standards apply to financial institutions, Internet vendors and retail merchants that detail the security measures and auditing procedures required to protect private cardholder information during payment card transactions. All major card brands require these Data Security Standards to assure the protection of cardholder data gathered during transactions.

“Becoming compliant with the Payment Card Industry’s strict security standards is no small feat,” added State Treasurer Robert Kleine. “I am extremely proud of what we have done to get to this point, proud of our partnership with MDIT, and proud that we are living up to the trust that our citizens place in the hands of their government.”

Michigan used the “digital dozen” to become PCI compliant, which included:

Installing and maintaining a firewall configuration to protect cardholder data
Not using vendor-supplied defaults for system passwords
Protecting stored cardholder data
Encrypting transmission of data across open/public networks
Using and updating anti-virus software
Developing and maintaining secure systems and applications
Restricting access to cardholder data to the need-to-know business
Assigning a unique ID to each person with computer access
Restricting physical access cardholder data
Tracking and monitoring access to network resources
Regularly testing security systems and processes
Maintaining a policy focused on information security

For more information about PCI security standards, please visit: https://www.pcisecuritystandards.org/


	Related Content
•	New Initiative Positions Michigan as High-tech Leader
•	Michigan Maintains Certification for Payment Card Security Standards
•	Students Connected to Free Lunches
•	Michigan E-Store Gets a New Look
•	Governor Appoints Kenneth Theis Director of Department of Information Technology
•	Three More National Awards for Michigan Government Technology
•	Brown University Names Michigan as One of Best in American e-Government
•	Google, State of Michigan Announce Partnership to Enhance Internet Search Capabilities
•	Michigan Receives Statewide Leadership Advocacy Award
•	Efficiency Gains Continue Through Closing of Computer Centers
•	E-mail Consolidation Reduces Cost of Michigan Government
•	State of Michigan Web Site Now Offers Eight Foreign Languages
•	CyberMichigan Set for Transition
•	Michigan Technology Leader Recognized for Excellence
•	Michigan Web Site Receives the Only A+
•	Michigan Recognized for Outstanding Achievement in Technology
•	Excellence in Technology Awards Presented at Digital Summit
•	State of Michigan Launches Computer Security Center
•	Michigan Retains Number One Ranking in Digital Government
•	Citizens Reminded to Take Precaution While Online