Wednesday, May 27, 2020

Word of the Day: PCI DSS

 
Word of the Day WhatIs.com

PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information.

 

The standard was created jointly in 2004 by four major credit-card companies: Visa, MasterCard, Discover and American Express. Compliance with the standard has not been consistent.

The PCI DSS specifies and elaborates on six major objectives.

1. A secure network must be maintained in which transactions can be conducted. This requirement involves the use of firewalls that are robust enough to be effective without causing undue inconvenience to cardholders or vendors.

2. Cardholder information must be protected wherever it is stored. When cardholder data is transmitted through public networks, that data must be encrypted.

3. Systems should be protected against the activities of malicious hackers by using frequently updated anti-virus software, anti-spyware programs, and other anti-malware solutions.

4. Access to system information and operations should be restricted and controlled. Cardholder data should be protected physically as well as electronically.

5. Networks must be constantly monitored and regularly tested to ensure that all security measures and processes are in place, are functioning properly and are kept up-to-date.

6. A formal information security policy must be defined, maintained and followed at all times, by all participating entities. Enforcement measures include audits and financial penalties for non-compliance.

Today's Takeaway

"Falling PCI DSS compliance rates could force the PCI Security Standards Council to be more open to other regulatory frameworks and make enterprises aim higher in terms of data security. Could zero trust be part of the solution?" - Michael Heller

Buzzword Alert

PCI DSS infographic

Here's a quick view of the history of PCI DSS.

GDPR

By achieving PCI DSS compliance, your organization will meet the baseline security control standards required under GDPR.

PCI DSS compliance

PCI DSS compliance has decreased dramatically: Verizon reported it fell from 52.5% in 2018 to 36.7% in 2019.

compliance framework

PCI DSS tells you what mandates you must comply with -- but it doesn't tell you how to comply.

compliance burden

Privacy compliance rules force companies to track down what data they have and establish processes to comply with mandates.

Do You Speak Compliance?

In compliance, _________ is a formal procedure to determine how well an official or prescribed plan or course of action is being carried out.

a. validation

b. reckoning

About This E-Newsletter
The Word of the Day is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US.
