Application Delivery in PCI-DSS Compliant Environments
2023-03-23 22:04:19© 2018 KEMP Technologies, All Rights Reserved. KEMP®, KEMPTechnologies®, LoadMaster®, and K's logo are KEMP Technologies, Inc. A
(PCI DSS) is the basic standard of franchise stores and card processors. This includes the management and processes of security technologies that protect cardholder data. It may be difficult to achieve compliance with PCI DSS and may have a significant impact on the organization's business processes, services, and technology architecture (Microsoft, 2009). PCI DSS version 1.2 is the latest version of the standard replacing all previous versions of PCI DSS. The DSS standard consists of six principles and twelve requirements.
PCI DSS 12 requirements are a set of security controls that enterprises need to implement to protect credit card data and comply with the payment card industry data security standard (PCI DSS). These requirements are developed and maintained by the Payment Card Industry (PCI) Security Standards Council. Organizations that handle payment cards, such as debit cards and credit cards, must meet 12 requirements either directly or through compensation management. Compensation management, however, is not always permitted and must be approved by PCI QSA on a case-by-case basis. Failure to meet PCI DSS 12 requirements may result in a fine or cancellation of credit card processing rights.
Before using the online application to accept credit card and customer personal information, the Legal Department notified the senior management that the organization needs to comply with PCI DSS standards. As administrators are not familiar with PCI DSS compliance, they are required to prepare PCI DSS compliance, how the organization completes the compliance process, and recommendations on the impact of compliance violations. PCI DSS stands for Payment Card Industry data security standard. PCI DSS initially started with five different programs: Visa, MasterCard, American Express, Discover, and JCB Data Security Program. Each company provides an additional level of protection to card issuers by ensuring that merchants meet minimum security levels during cardholder data storage, processing and transmission. The PCI DSS specifies 12 compliance requirements divided into six logically related groups called control objectives.