What is PCI DSS?
The PCI Data Security Standard (DSS) was developed by the PCI Security Standards Council, and is enforced by the payment card issuers. It is designed to protect consumers and businesses, and to encourage the global adoption of consistent data security measures. The PCI DSS is comprised of 12 broad requirements which organizations must meet to maintain compliance. The requirements for what must be submitted to confirm compliance vary depending on the merchant level, which is determined by the number of payment card transactions processed per year.
Dell SecureWorks offers a full suite of PCI Compliance Security consulting and remediation solutions to help organizations address the demands and challenges of Payment Card Industry Data Security Standards (PCI DSS) compliance. Dell SecureWorks is also a PCI Approved Scanning Vendor (ASV) and Qualified Security Assessor (QSA).
PCI DSS compliance requires any organization that transmits, processes, or stores data that contains payment card information to protect the privacy and confidentiality of that data. In addition to retailers, the PCI DSS standards affect financial institutions, healthcare providers, transportation service providers, the food and hospitality industry, and payment service providers, among many others.
Several trends have accelerated the need for PCI DSS compliance and payment security. While the payment card brands have been actively enforcing PCI compliance for Level 1 merchants the past few years, they are now enforcing compliance for Level 2 - 4 merchants as well. Merchants that are non-compliant can face substantial fines and the threat of having payment card privileges revoked. Another factor is that since PCI compliance does not equal security, merchants of all types and sizes continue to experience data breaches. Companies that suffer data breaches may spend millions of dollars in fines and remediation costs, lose customer trust, and suffer long-term damage to their brands.
Smart organizations understand that a strong information security policy can give them a competitive advantage for addressing PCI compliance requirements. By going beyond the minimum requirements and focusing on a broader security program, they can not only respond to and mitigate potential data security breaches and cyber security attacks, but also serve customers more efficiently and improve their bottom line.
This maps well to Dell SecureWorks philosophy, too. We advocate a "security approach to compliance" instead of a "compliance approach to security," because it's critical to have a strategy that's scalable, sustainable, and is backed by a culture that values information security throughout the organization. This can help reduce the risk of breach and damage to your brand reputation, and help you manage your costs and resources.
All-in-one information hub to help merchants effectively meet PCI Compliance requirements and improve security standards.
PCI Compliance Scanning services to improve network security, protect cardholder information, and provide reporting to meet PCI DSS compliance requirements.
Become familiar with the most common terms and acronyms for PCI compliance.
Answers to the most frequently asked questions on PCI compliance requirements and standards.
This whitepaper outlines the challenges of maintaining Payment Card Industry compliance and three key steps to effectively address them.
Overview of solutions provided by Dell SecureWorks to help merchants meet and maintain PCI Compliance standards.
Understand the requirements on risk ranking and scanning and the impact on PCI compliance programs
Dell offers a wide range of hardware, software and services to help merchants address PCI compliance requirements.