PCI DSS (Payment Card Industry Data Security Standard)
Meet PCI DSS requirements with privileged access management and vulnerability management solutions from BeyondTrust.
PCI DSS Cybersecurity Solutions
Initially developed in 2004, the Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for every organization that accepts credit cards such as Visa, MasterCard, American Express, and others. The PCI standard:
- was created to increase controls around cardholder data to reduce credit card fraud;
- has become the de facto standard for protecting access to personally identifiable information (PII), especially in the retail industry;
- is mandated by the card issuers; and,
- is administered by the Payment Card Industry Security Standards Council (PCI SSC).
The PCI Security Standards Council is a global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection. By adhering to PCI regulations, you can secure critical systems and protect sensitive cardholder data. When you stay compliant, you are part of the solution – a united, global response to fighting payment card data breaches.
BeyondTrust PowerBroker Privileged Access Management and Retina Enterprise Vulnerability Management solutions help proactively eliminate data breaches from insider privilege abuse and external hacking attacks. With an integrated risk intelligence platform, BeyondTrust cybersecurity solutions reveal critical risks hidden within volumes of data to prevent breaches, maintain PCI DSS compliance, and ensure business continuity.
Address 10 PCI DSS Requirements with BeyondTrust Cybersecurity Solutions
Req. 1: Install and Maintain a Firewall Configuration to Protect Cardholder Data
BeyondTrust least-privilege solutions can block or deny user commands, such as deleting or disabling firewalls. Our password security solution manages accounts authorized to change firewalls and routers. Our vulnerability scanning solution is able to identify router misconfigurations.
Req. 2: Do Not Use Vendor-Supplied Defaults for System Passwords and Other Security Parameters
BeyondTrust vulnerability scanning identifies default passwords and checks system configurations. Our password security solution can automatically rotate and manage policy for default passwords, as well as for any user-defined account. The solution can also generate and manage SSH keys.
Req. 3: Protect Stored Cardholder Data
BeyondTrust endpoint least privilege management solutions include file integrity monitoring to prevent unauthorized changes to cardholder data. Our server privilege management solutions offer keystroke logging that can be configured to prevent cardholder data from being recorded.
Req. 4: Encrypt Transmission of Cardholder Data Across Open, Public Networks
BeyondTrust least privilege solutions leverage certificate-based SSL encrypted transmission between endpoints and the central management console. Our vulnerability scanning solution can measure encryption strength and identify outdated versions of transmission protocols.
Req. 5: Protect All Systems Against Malware and Regularly Update Anti-Virus Software or Programs
Our vulnerability management solutions detect and prevent malware, as well as identify the status and version of antivirus solutions. Our least privilege solutions can prevent malicious, vulnerable or unknown software from executing, as well as mandate which versions of software are allowed.
Req. 6: Develop and Maintain Secure Systems and Applications
Our vulnerability management solutions identify security exposures in systems and applications across all infrastructure. In addition, our privileged access management solutions enable you to segregate access and duties between development, test and production environments.
Req. 7: Restrict Access to Cardholder Data by Business Need to Know
BeyondTrust least privilege solutions can control access to sensitive systems while enabling fine-grained, policy- and/or task-based delegation. Our endpoint least privilege solution can selectively elevate privileges, without providing admin privileges to users.
Req. 8: Identify and Authenticate Access to System Components
BeyondTrust solutions leverage unique user IDs, plus pluggable authentication modules and/or Kerberos, for authentication. They can also leverage RSA tokens, SmartCards, and other two-factor authentication mechanisms, in addition to offering several password security controls.
Req. 10: Track and Monitor All Access to Network Resources and Cardholder Data
Our solutions offer permissioned capabilities for auditing and logging tasks, events, application launches, authentication and authorization requests, testing procedures, and more. We also deliver monitoring capabilities, such as keystroke logging, session recording and screen grabs.
Req. 11: Regularly Test Security Systems and Processes
BeyondTrust vulnerability management solutions can be configured to automatically run quarterly scans, as required by PCI DSS. Our solutions can identify all IT infrastructure, including wireless access points, and conduct both internal and external vulnerability scans.