Payment Card Industry
Data Security Standard
(PCI DSS) Compliance
Addressing Cardholder Data
Any entities involved in payment card processing—including those that store, process, or transit cardholder data—are expected to protect that data through specific controls known as the Payment Card Industry Data Security Standard (PCI DSS). While compliance is not mandated by US federal law, it is required by major credit card companies for any organization that processes, stores, or transmits payment card information. Assessments are performed annually, and non-compliant organizations can be subjected to fines and in some cases could incur greater penalties in event of a breach.
PCI DSS applies to stores, online retailers, and other organizations, and covers a broad range of security topics, including network configuration, data protection, internal control, and policy development.
More than 50% of organizations failed their interim
PCI DSS validation assessment due to
missing security controls.
Maintain Ongoing Visibility and Control
File, email, element-level, and format-preserving encryption protect cardholder data at rest and in motion.
Automatic scanning and protection in a single platform helps maintain an accurate scope and inventory for QSAs.
Real-time discovery runs across a myriad of platforms, whether the organization considers the location in PCI scope or not.
More than 40 masking options help meet PCI requirements while maximizing the business value of IT assets.
Prepare for PCI DSS 4.0
PCI DSS released version 4.0 on March 31, 2022. While organizations will not be held to the new standards until 2024, now is the time to put solutions in place that will empower them to meet and maintain compliance with PCI DSS version 4.0. PKWARE solutions keep businesses informed on what, where, and whose data exists across the enterprise, making it easy to maintain precise visibility and control every day.
May 11, 2023
April 20, 2023
May 3, 2022
- Marc Punzirudu
April 12, 2022