Compliance Glossary
Our curated compliance glossary offers everything you need to know about compliance in one place.
PCI DSS Rules
PCI DSS rules are global security standards for any organization that handles cardholder data, intended to reduce security incidents, information theft, and data breaches in the payment industry.
Here are the 12 PCI compliance requirements or rules you need to know:
- Install and maintain a firewall to secure network connections
- Change default passwords and security settings provided by vendors
- Protect stored cardholder data with policies for data disposal
- Encrypt cardholder data when transmitting it over public networks
- Use and keep antivirus software updated
- Develop security systems and processes to address vulnerabilities
- Restrict access to cardholder data based on roles and privileges
- Assign user IDs for computer access and implement authentication measures
- Restrict physical access to cardholder data with monitoring tools
- Track and monitor network and data access, maintaining audit trails
- Regularly test systems and processes, including wireless access points
- Have an information security policy outlining technology usage rules and responsibilities
