The PCI Security Standards Council (PCI SSC) is a global forum that brings together payments industry stakeholders to develop and drive adoption of data security standards and resources for safe payments worldwide. There are currently 15 security standards, whose compliance may be necessary for entities that store, process or transmit cardholder data. The current PCI DSS (Data Security Standard) is at v3.2.1, but v4.0 is being released.
Elisity Cognitive Trust protects cardholder data through identity-based microsegmentation and least privilege access. User and device identities are continuously verified, and policies are enforced at the edge using existing switching infrastructure. With Elisity's zero trust architecture, highly distributed organizations with high throughput POS environments can remotely segment networks to isolate cardholder data and POS devices from file servers, IP phones, laptops, mobile phones, IP cameras, printers, guest Wi-Fi, and other areas of the network, and safely connect to the Cloud POS edge. Elisity Cognitive Trust users can segment branches remotely not just by branch or geo-location, but by user groups and device groups all at once across all branches, speeding up segmentation projects and policy updates.
Access to cardholder data is restricted by least privilege access policies that follow business logic and that are abstracted from the underlying network construct. All communications throughout Elisity Cognitive Trust architecture are encrypted and all access to system components is identified, authenticated, tracked, and monitored.
When responding to a breach, ensure business continuity by only quarantining compromised users, devices, and/or application flows vs. quarantining the whole site.
Get in touch with us about your PCI DSS compliance-related project and learn how you can accelerate it with Elisity Cognitive Trust.