PCI and PCI DSS - The Payment Card Industry Data Security Standard

PCI compliance usually refers to the PCI Data Security Standard (DSS), which is an information security standard for organizations that handle branded credit cards from the major card companies.


The standard applies to all entities that store, process, and/or transmit credit cards. It covers technical and operational practices for system components included in, or connected to, environments with cardholder data. If an organization accepts or processes payment cards, PCI DSS applies. Requirements for PCI compliance include: having proper firewalls set within infrastructure; using the latest in data encryption, such as WPA and WPA2; restricting cardholder data access electronically as well as physically; appropriate tracking and monitoring of network resources and data; regular security checks and assessments of technologies and processes; up-to-date antivirus software; and not using default settings for wire privacy keys.

