PCI DSS Compliance | Smartcrypt

Simplify PCI compliance and manage risk

The Payment Card Industry Data Security Standard (PCI DSS) is a set of industry-mandated security requirements for credit and debit card transaction processing. PCI DSS applies to stores, online retailers and other organizations, and covers a broad range of security topics including network configuration, data protection, internal control and policy development.

A council composed of major credit card corporations is responsible for maintaining PCI DSS requirements. While compliance is not mandated by United States federal law, some state laws require that payment processors comply with PCI DSS or similar standards.

The challenge of unstructured data

PCI DSS requires that banks, payment processors, and other organizations protect credit card data at rest and in transit. Most organizations have solutions in place that meet PCI requirements for their database environments. However, PCI data also exists in unstructured data—in files on employee devices and servers—and represents a significant risk.

Unstructured data accounts for 80% of a typical organization’s data, and is expanding at an exponential rate. Employees at banks, payment processors, and other organizations are constantly extracting sensitive information—including credit card data—and saving it into files on desktops, laptops, and file servers. IT and security administrators often have no visibility into what types of data their employees are saving in files, and no ability to remediate it without manual intervention.

PKWARE data redaction for PCI DSS compliance

PKWARE’s automated data redaction technology removes credit card numbers from files based on organizational policy. Redaction takes files out of scope for PCI requirements, and ensures that cardholder data will not be exposed in the event of a computer theft or other security event.

Automated data redaction addresses the problem of credit card numbers in unstructured data, without breaking user workflows.

Other file contents remain unchanged, allowing employees to continue to do their jobs
Files remain in their original locations
Our industry-best discovery technology minimizes the problem of false positives
Administrators can also configure the solution to save a copy of each file in a quarantined location, preserving the unredacted data in case it may be needed

Whitepaper

PCI Compliance and Unstructured Data

Download PDF

Solution Sheet

A printable summary of PKWARE's automated data redaction solution for PCI DSS.

Download PDF

Case Study

See how a global bank is using PKWARE to ensure PCI compliance.

Download PDF

PKWARE Data Redaction

Learn more about PKWARE's data redaction technology.

Learn More

Benefits

Simplify PCI DSS compliance and reporting
Reduce the risk of PCI violations and sanctions
Protect cardholder data against accidental loss or theft

Support Center

Find answers & help here.

View Support Site

Help Request

Our expert technicians are standing by.

Get Help Now

Sales Team

Request an expert consultation.

Contact Sales