PCI DSS Compliance

PCI DSS compliance is a requirement for any business that stores, processes, or transmits payment card data. Developed by the major credit card companies, the Payment Card Industry Data Security Standard (PCI DSS) defines measures for ensuring data protection and consistent security processes and procedures around online financial transactions. Businesses that fail to maintain PCI DSS compliance are subject to steep fines and penalties.

PCI DSS Compliance Mandates

As formulated by the PCI Security Standards Council, the mandates of PCI DSS compliance include:

  • Developing and maintaining a security policy that covers all aspects of the business Installing firewalls to protect data
  • Encrypting cardholder data that is transmitted over public networks Using anti-virus software and updating it regularly
  • Establishing strong passwords and other cyber security protocols
  • Enforcing rigid access controls and monitoring access to account data

For large merchants that conduct high volumes of online financial transactions, PCI DSS compliance is enforced by annual validations performed by an independent Qualified Security Assessor (QSA).

Achieving and maintaining PCI DSS compliance can be time-consuming and costly for merchants. The benefits to merchants of the PCI DSS compliance program come largely in the form of enhanced consumer confidence. Consumers shopping online expect their account data to be safe anywhere it is stored, transmitted, or processed in the course of completing a transaction. They demand reassurance that their personal information remains private. To the extent that the PCI DSS compliance program helps provide this reassurance, the program contributes to the continued growth of online commerce.

Akamai Helps Ensure PCI DSS Compliance For Your End-to-End Transaction Architecture

Akamai's integrated compliance management solution allows businesses to reduce the cost of achieving and maintaining PCI DSS compliance while meeting performance and reporting requirements. Our Cloud Security Solutions provide compliance tools and documentation focused on business application security and web site delivery. For ecommerce businesses that use the Akamai Secure Content Delivery Network to accelerate the delivery of web applications to end users, Akamai provides documentation certifying that the Akamai network is PCI compliant. The pre-certification of this portion of your application delivery infrastructure lets you cross a major item off your PCI compliance checklist and helps you to stay focused on your core business.

Ready to Accelerate Your PCI DSS Compliance?

Security threats are constantly changing, and your PCI DSS compliance must keep pace. With Akamai's Cloud Security Solutions, you can prevent hackers from stealing your customers' data by extending the security perimeter outside your data center. These solutions can also thwart other types of threats such as denial of service (DoS) and Distributed Denial of Service attacks (DDoS), which block access to your web server.

With its globally distributed cloud computing platform for content delivery and a robust suite of website protection services, Akamai ensures that your website enjoys enhanced security anytime, anywhere, on any device.

Learn more about how Akamai accelerates PCI DSS compliance with Cloud Security Solutions.