What is PCI DSS? | A Brief Summary of the Standard
- Added 14. 03. 2019
- What is the PCI DSS? A summary of the PCI DSS (Payment Card Industry Data Security Standard). Learn about the PCI DSS and how to comply with the standard.
THE 12 REQUIREMENTS OF PCI DSS
The requirements set forth by the PCI SSC are both operational and technical, and the core focus of these rules is always to protect cardholder data.
The 12 requirements of PCI DSS are:
1. Install and maintain a firewall configuration to protect cardholder data
2. Do not use vendor-supplied defaults for system passwords and other security parameters
3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks
5. Use and regularly update anti-virus software or programs
6. Develop and maintain secure systems and applications
7. Restrict access to cardholder data by business need to know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes
12. Maintain a policy that addresses information security for all personnel
Indeed. Split into a total of 331 controls for v3.2.1.
Hi dear friend, I need your help. Could you help me please 🙏🏽?
Question 1
🔹The PCI DSS is established by:
🔹United Nations Organisation
🔹A group of payment card companies
🔹European Union
@Dennis-xi4cta group of credit card...
That's a really useful top-level overview of PCI DSS standard. Many thanks
Thanks Arshrad, please do subscribe for the latest info and updates
Good basic info on PCI DSS. Content is good.
Thank you. This was a helpful quick summary of PCI DSS. Awesome
amazing way to explain
thxxxxx
Thank you
Cheers guys and girls well done.
thanks
Does one business pay just one PCI fee per month, or are you charged for each card machine you have? For example, if you have 2x card machines, will you pay the compliance fee twice?
depends
One big fee.
Compliance is essentially 'free' up until you are processing 1 million transactions per year as a Merchant (things are different if you're a service provider). The avenues in which you interact with the card define the complexity of SAQ you will need to complete, irrespective of how many card machines you have.
Throw lots of buzz words and make it sound complicated to create an industry... It is essentially simply a requirement of "end to end encryption" of any payment data and keeping the data secure both at rest or while in flight (read while in transmission). Most companies just want to not be bothered and want someone else to take the risk so they can have "one throat to choke" in case of any non-compliance....
That's not what it is, although that is part of it. As you said: 'Most companies just want to not be bothered and want someone else to take the risk so they can have "one throat to choke" in case of any non-compliance....'
Right well the company who is the data controller has a responsibility to find appropriate third parties who can take that risk. PCI covers this bit too by placing the onus on the controller so they can't simply teflon shoulder it to someone else without having performed essential due diligence.
We are fully compliant with Payment Card Industry Data Security Standards. (When I'm adding a card for payment, the above 👆🏼 lines are appearing. Why? And how to resolve this issue? Please help me.)
This seems to be an issue you are having with your payment system. Unfortunately we cannot help you with this and I suggest you contact your bank.
@ITGovernanceLtd thnxxx
@skysffkingdom2949 You're welcome
@skysffkingdom2949 Happy to help
Hi dears, I need your help. Could you help me please 🙏🏽?
Question 1
🔹The PCI DSS is established by:
🔹United Nations Organisation
🔹A group of payment card companies
🔹European Union
This is why cryptocurrencies should be mainstream. These payment merchants have these standards just for their benefit. VISA was hacked too.
No one is immune from compromise. The PCI DSS represents a MINIMUM standard that most people still can't actually achieve. The PCI DSS accounts for breaches in how you respond to them, how you minimise their impact, and also detecting them in the first place.
I paid online fees last night. There is a message that your order is awaited. Why is it not paid?
Background music is too loud and distracting. I'm watching this to be educated, not entertained.