The PCI-DSS council was formed in 2006 by American Express, Discover, JCB International, MasterCard and Visa Inc for vendors associated with payment cards to implement standardized security policies and compliance.

What is PCI-DSS? 

The Payment Card Industry Data Security Standard (PCI DSS) is an information   security standard administered by PCI Security Standards Council. PCI-DSS defines certain rules and regulations which are to be followed while dealing with storing, processing or transmitting cardholder data in order to maintain a secure infrastructure. An industry/company dealing with cardholder data is said to be PCI-DSS compliant when it adheres to the 12 requirements specified in the PCI-DSS. 

Why PCI-DSS is so important?

Customer stored data has always been given highest priority for implementing security and compliance strategies in your organization. The whole purpose of PCI-DSS is to protect the CardHolder Data (CD), so that you avoid the risk of data loss and potential breaches that could result in Account Data Compromise (ADC) event.

PCI-DSS with AWS Infrastructure

AWS has been PCI-DSS compliant since 2010. AWS provides guidance for PCI-DSS standardized architecture on AWS cloud. Services deployed on AWS can be audited and checked to see if they adhere to the requirements specified by PCI-DSS. There are various versions released for PCI-DSS, latest one being PCI-DSSv3.2. 

What Beam offers for PCI compliance?

  • Beam PCI-DSSv3.0 policy

Beam has now introduced a new policy PCI-DSSv3.0 which contains such audits that are based on the requirements specified in the PCI-DSS version 3.0 document. This is a default system policy which cannot be modified by Beam users. The compliance widget based on the policy is also shown on dashboard for easier understanding and a better overall view. There are unique 70+ audits under PCI-DSS policy which helps the customer to check if their infrastructure is PCI-DSS compliant.

  • Beam - PCI-DSSv3.0 report

Beam now provides a comprehensive report consisting of an overall compliance report for PCI-DSS. The first page of this detailed PCI-DSS compliant report consists of a sheet specifying the various requirements set by PCI-DSS and the audits along with count of issues.

Beam provides checks if the requirement is satisfied and presents status of Pass or Fail based on the issues in the audits. This helps the customer to get an aggregated view of better understanding about the PCI-DSS compliance of  their account. The report also consists of the audit data in the form of downloadable .csv so that appropriate measures can be taken to ensure compliance.

  • PCI-DSS Policy ScoreCard

Gauge your PCI-DSS compliance levels through policy score-card and push towards a higher score for more compliant cloud infrastructure.

Did this answer your question?