Download - WP Database Security for PCI Compliance
-
7/29/2019 WP Database Security for PCI Compliance
1/13
SecurityStandards Council
Database Security or PCI ComplianceThe Payment Card Industry Data Security Standard (PCI DSS) sets orth security
requirements or organizations that store, process, and/or transmit credit card
transactions. To meet these data security requirements, organizations need to
implement complex processes that oten turn into a costly burden.
Designed or auditors, security proessionals, and database administrators, this
paper analyzes PCI compliance challenges and outlines applicable solutions. This
paper ocuses on the key PCI DSS requirements that impact database security:
PCI Requirement 10:Track and monitor all access to network resourcesand cardholder data
PCI Requirement 8.5.5:Remove and/or disable inactive user accounts
at least every 90 days
PCI Requirement 7:Limit access to cardholder data by business
need-to-know
PCI Requirement 6.1:Ensure all system components and software are
protected from known vulnerabilities by installing the latest vendor-supplied
security patches
Data in Scope:Identify, and track, all locations of cardholder data
C
omplia
nce
Organizations that process or store cardholder data are
obligated to secure it to minimize their fnancial exposure
to a data breach and maintain customer trust in their
ability to securely transact business.
-
7/29/2019 WP Database Security for PCI Compliance
2/13