Becoming PCI DSS Compliant


The Security Standards Council of the Payment Card Industry (PCI) owns and maintains a rigorous set of requirements known as the Data Security Standard (DSS) that all merchants, payment processors, point of sale vendors and financial institutions must follow. Since the core concern of PCI is the protection of cardholder data, these requirements focus on user access to the servers that host this data, or through which such data passes.

The PCI DSS 3.2 consists of 12 requirements spread across six domains, which now includes requirements for multi-factor authentication (MFA). This white paper examines each of the requirements and identifies capabilities of the Centrify Server Suite and Centrify Privilege Service that customers can leverage to help achieve compliance.