To ensure against the risk of external and internal security breaches the PCI DSS (Payment Card Industry Data Security Standard) is a binding safety standard created by the major credit card organisations for card-based payments.
It regulates the processing, storing and communication of debit and/or credit card data so that these are protected at all times.
PCI DSS defines twelve requirements detailing how retailers, banks and other service providers organise processes and technical systems with regard to data security. These include encrypted data transfer, the restriction and seamless logging of data access and the introduction and continual updating of security guidelines.
In regular auditing and certification procedures, the retailers and service providers must document the requirements of PCI DSS. If a company has not provided documentation and is affected by data misuse, it must anticipate penalties and exclusions from the card organisations, in addition to financial losses. However, the loss of reputation and trust among customers and partners is equally serious. PCI-DSS compliance is, therefore, a business-critical requirement.
Data protection, control, accountability
VISULOX allows companies to create the prerequisites for IT infrastructure and processes required for compliance, with specific regard to PCI DSS.
With VISULOX companies can manage, restrict, monitor and comprehensively document the access to data and resources in a centralised and automated process.