Addressing PCI Compliance Through Privileged Access Management

Description: Executive Summary Challenge Organizations handling transactions involving credit or debit cards are facing increasing pressure to meet regulatory compliance mandates. In particular, they must comply with the Payment Card Industry Data Security Standard (PCI DSS) version 3, which went into effect in January of 2015.1 PCI DSS v3 established various requirements for safeguarding an organization’s relevant systems and networks, comprising the Cardholder Data Environment (CDE). With requirements for strong authentication and access control to the CDE, organizations are challenged with the difficult tasks of implementing multi-factor authentication, access control and activity reporting tools or practices, particularly for privileged or administrative access to these systems.