Compliance Glossary
Our curated compliance glossary offers everything you need to know about compliance in one place.
PCI DSS Rules
PCI DSS rules are global security standards for any organization dealing with cardholder data to reduce security incidents, information theft, and data breaches in the payment industry.
Here are the 12 PCI compliance requirements or rules you need to know:
- Install and maintain a firewall to secure network connections
- Change default passwords and security settings provided by vendors
- Protect stored cardholder data with policies for data disposal
- Encrypt cardholder data when transmitting it over public networks
- Use and keep antivirus software updated
- Develop security systems and processes to address vulnerabilities
- Restrict access to cardholder data based on roles and privileges
- Assign user IDs for computer access and implement authentication measures
- Restrict physical access to cardholder data with monitoring tools
- Track and monitor network and data access, maintaining audit trails
- Regularly test systems and processes, including wireless access points
- Have an information security policy outlining technology usage rules and responsibilities