BigID for PCI DSS

Payment Card Industry Data Security Standard Requirements

PCI DSS comprises a minimum set of security requirements for organizations as guidance to protect and secure sensitive payment-related data across their environment. It contains detailed guidelines and best practices to prepare for, execute, and measure the performance of PCI DSS assessments and subsequently help meet compliance mandates.

BigID helps organizations meet PCI DSS requirements using a modern Data Intelligence Platform that combines sensitive data discovery, next-gen classification, and risk management. With BigID, organizations can:

• Discover & classify sensitive account data
• Detect vulnerable data
• Enforce data remediation & retention and policies
• Document the flow of data
• Meet regulatory requirements
• Reduce data exposure & mitigate data risk

Protect Cardholder Data with Strong Cryptography During Transmission Over Open, Public Networks (#4)

The Data Remediation App enables the right remediation workflows to protect cardholder data. Set policies around specific cardholder data types that require encryption, and then automatically assign the right people and tools to carry out encryption workflows.

Support Information Security with Organizational Policies and Programs (#12)

Enforce policies around sensitive payment-related data and kick off remediation workflows with the Data Remediation App. Use the RoPA Data Mapping App to map account data processing and sharing to assess the risk profile for a business process. Use the Data Retention App to detect data retention violations and carry out remediation wherever payment-related data exists.