What is PCI DSS?


It is hard to believe that the PCI DSS is over 15 years old and yet people still struggle with what it is!? It’s time to stop tearing your hair out. We’ve got you covered with all you need to know in our new PCI Primer blog series, and we’re starting with the basics.  

What is PCI DSS?

PCI DSS is a global security standard developed and maintained by the PCI Security Standards Council and adopted by payment card brands for all organizations that process, store or transmit cardholder data and/or sensitive authentication data such as primary account number (PAN), cardholder name, card expiration date and card verification value (CVV). Its requirements are meant to mirror information security best practices.

These requirements are: 

  1. Install and maintain a firewall configuration to protect cardholder data. 
  2. Do not use vendor-supplied defaults for system passwords and other security parameters. 
  3. Protect stored cardholder data. 
  4. Encrypt transmission of cardholder data across open, public networks. 
  5. Protect all systems against malware and regularly update anti-virus software or programs. 
  6. Develop and maintain secure systems and applications. 
  7. Restrict access to cardholder data by business need to know. 
  8. Identify and authenticate access to system components. 
  9. Restrict physical access to cardholder data. 
  10. Track and monitor all access to network resources and cardholder data. 
  11. Regularly test security systems and processes. 
  12. Maintain a policy that addresses information security for all personnel. 

 

Source: PCI Security Standards Council, LLC | www.pcisecuritystandards.org 

PCI DSS compliance shows that your business has the proper environment and controls in place to process, store and transmit payment information – building trust with existing customers and attracting new clients. Not PCI compliant yet? Auditwerx, a certified PCI QSA, can help. If you’re ready for professional guidance from a PCI specialist, contact us today! 

Next time, we’ll be examining why following these requirements is important to your business. Stay tuned for more from our experts! 
