PCI DSS Overview

The Payment Card Industry Data Security Standard (PCI DSS) is a compliance standard that governs the processing, storage and transmission of cardholder data. It applies to any organisation which processes, stores or transmits cardholder data; such organisations are classified as either a merchant or a service provider. An important point to note is that the standard is not just an IT compliance standard: it affects all areas of an organisation.

PCI DSS Background

The PCI DSS was founded in December 2004 by 5 major card brands: Visa, MasterCard, American Express, Discover and JCB. The ongoing maintenance and updates to the standard are performed by the Payment Card Industry Security Standards Council (PCI SSC), an independent organisation jointly funded by all the participating card brands and participating organisations. The PCI DSS is now on its 4th major release, which is at v2.0.

It is important to note that compliance is not a legal requirement; it is driven by the contractual agreements between merchants and acquiring banks, which cannot be ignored.

PCI DSS Requirements

The PCI DSS is broken down into 6 domains, each containing one or more of the 12 requirements (which in turn have their own sub-sections), as follows:

Build and Maintain a Secure Network

1. Install and maintain a firewall configuration to protect cardholder data

2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

3. Protect stored cardholder data

4. Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

5. Use and regularly update anti-virus software on all systems commonly affected by malware

6. Develop and maintain secure systems and applications

Implement Strong Access Control Measures

7. Restrict access to cardholder data by business need-to-know

8. Assign a unique ID to each person with computer access

9. Restrict physical access to cardholder data

Regularly Monitor and Test Networks

10. Track and monitor all access to network resources and cardholder data

11. Regularly test security systems and processes

Maintain an Information Security Policy

12. Maintain a policy that addresses information security

Why should an organisation comply with the PCI DSS?

There are a number of benefits to attaining PCI DSS compliance:

- Provides your customers with assurance that card transactions will be handled securely by your organisation

- Level 1 service providers who achieve PCI DSS compliance can ask to be added to the Visa and MasterCard lists of approved service providers

- Avoidance of financial penalties, which are divided into two areas:

  1. Non-compliance costs

  2. Data breach costs, which can include:

     - Fines levied by your acquirer for the cardholder data breach

     - Elevation to a level 1 merchant, increasing your ongoing compliance costs

     - The need to have an onsite QSA assessment, which will add significant overhead to the demonstration of compliance

     - Consultancy costs for forensic assessments and remediation advice

     - Potential liability for consequential losses due to the card data breach

The fines which may be levied for non-compliance are potentially unlimited.

Common Misconceptions

The following are common misconceptions in relation to PCI DSS compliance:

- You can't fully outsource all your PCI DSS accountability, although you can outsource most of the responsibility for the provision of services; remember that some areas of the standard will ALWAYS remain in scope.

- Using a PA-DSS compliant application or a PCI PTS compliant PED does not automatically make your company PCI DSS compliant.

- A PCI DSS assessment / SAQ completion is just a snapshot. Compliance with PCI DSS must be maintained at all times, and evidence of this needs to be available.

- PCI DSS is NOT an IT compliance standard; it affects all facets of an organisation.

For further information on our PCI compliance services, please contact one of our Sales representatives by calling +353 (0)1 495 1300 or by completing our Online Enquiry Form or Request a Call Back Form.