PCI DSS Compliance

It is with great pride and pleasure that we are able to inform you that Hyphen has achieved PCI compliance status.

This accomplishment signifies that Hyphen has taken a huge step in terms of best practice with regard to data security standards and practice. Notably, we are compliant with the most recent compliance standards, making us one of the first companies globally to achieve this status.

What is PCI-DSS

Payment Card Industry Data Security Standards

PCI security standards are technical and operational requirements set by the Payment Card Industry Security Standards Council to protect cardholder data. The standards globally govern all merchants and organisations that store, process or transmit this data – with new requirements for software developers and manufacturers of applications and devices used in those transactions.

Compliance with the PCI set of standards is mandatory for their respective stakeholders, and is enforced by the major payment card brands who established the Council: American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc.

PCI Data Security Standard for Merchants and Processors

The PCI DSS is the global data security standard that any business of any size must adhere to in order to accept payment cards. It presents common-sense steps that mirror best security practices.

| Goal | PCI DSS Requirements |
| --- | --- |
| Build and Maintain a Secure Network | Install and maintain a firewall configuration to protect cardholder data; do not use vendor-supplied defaults for system passwords and other security parameters. |
| Protect Cardholder Data | Protect stored data; encrypt transmission of cardholder data across open, public networks. |
| Maintain a Vulnerability Management Program | Use and regularly update anti-virus software; develop and maintain secure systems applications. |
| Implement Strong Access Control Measures | Restrict access to cardholder data by business need-to-know; assign a unique ID to each person with computer access; restrict physical access to cardholder data. |
| Regularly Monitor and Test Networks | Track and monitor all access to network resources and cardholder data; regularly test security systems and processes. |
| Maintain an Information Security Policy | Maintain a policy that addresses information security. |