PCI Compliance Standards and Requirements Red Iron
   
 

PCI Compliance - Standards and Requirements: A Regulation Overview

In an effort to combat the threat of data theft, all of the leading payment card brands have agreed on common industry security requirements to safeguard sensitive data. The result: the Payment Card Industry (PCI) Data Security Standard (DSS).

The purpose of the PCI DSS is to protect cardholder information, reduce debit and credit card fraud, and identify security breaches by imposing strict standards on how cardholder data is handled and stored. Retailers who do not comply with PCI standards may be barred from processing credit card transactions, or face higher processing fees or fines of up to $500,000.

The 12 PCI compliance rules are:

  1. Install and maintain a firewall configuration to protect data.
  2. Do not use vendor-supplied defaults for system passwords and other security parameters.
  3. Protect stored data. Learn more about how 2Encrypt can protect stored data.
  4. Encrypt transmission of cardholder data and sensitive information across public networks. Learn more about how 2Encrypt can help encrypt transmission of sensitive information.
  5. Use and regularly update anti-virus software.
  6. Develop and maintain secure systems and applications.
  7. Restrict access to data by business need-to-know.
  8. Assign a unique ID to each person with computer access.
  9. Restrict physical access to cardholder data.
  10. Track and monitor all access to network resources and cardholder data.
  11. Regularly test security systems and processes.
  12. Maintain a policy that addresses information security.

The most common causes of audit failures relate to rules 3 and 4 of the PCI Standards. Red Iron's 2Encrypt enterprise-level encryption/decryption solution takes care of these problems.

For a personal evaluation of whether 2Encrypt can help your organization, please Contact Us or Request Information.
