Payment Card Industry Data Security Standard (PCI DSS) Compliance
Addressing Cardholder Data
Any entities involved in payment card processing—including those that store, process, or transit cardholder data—are expected to protect that data through specific controls known as the Payment Card Industry Data Security Standard (PCI DSS). While compliance is not mandated by US federal law, it is required by major credit card companies for any organization that processes, stores, or transmits payment card information. Assessments are performed annually, and non-compliant organizations can be subjected to fines and in some cases could incur greater penalties in event of a breach.
PCI DSS applies to stores, online retailers, and other organizations, and covers a broad range of security topics, including network configuration, data protection, internal control, and policy development.
More than 50% of organizations failed their interim PCI DSS validation assessment due to missing security controls.
Maintain Ongoing Visibility and Control
Prepare for PCI DSS 4.0
PCI DSS released version 4.0 on March 31, 2022. While organizations will not be held to the new standards until 2024, now is the time to put solutions in place that will empower them to meet and maintain compliance with PCI DSS version 4.0. PKWARE solutions keep businesses informed on what, where, and whose data exists across the enterprise, making it easy to maintain precise visibility and control every day.