Payment Card Industry Data Security Standard (PCI DSS)
The Payment Card Industry Data Security Standard (PCI DSS) ndiwo seti yezviyero zvekuchengetedza zvakagadzirirwa kuve nechokwadi chekuti makambani ESE anobvuma, anogadzira, anochengeta, kana kutumira ruzivo rwekadhi rechikwereti anochengetedza nharaunda yakachengeteka. Pamusoro pezvo, kana uri mutengesi wemhando ipi neipi inotambira makadhi echikwereti, unofanirwa kutevedzera PCI Security Council zviyero. Iyi saiti inopa kadhi rechikwereti data kuchengetedza zviyero, PCI-inoenderana software uye Hardware, vanokwanisa kuchengetedza vaongorori, tsigiro yehunyanzvi, madhairekitori evatengesi, nezvimwe.
Iyo Payment Card Indasitiri (PCI) Data Security Standard (DSS) uye PCI Yakabvumidzwa Scanning Vendors (PCI ASV) iripo kurwisa kukwira kuri kuwedzera kwekurasikirwa neruzivo rwekadhi rechikwereti. uye kuba. Ese mashanu makuru emakadhi ekubhadhara mabhureki anoshanda nePCI kuona kuti vatengesi uye vanopa masevhisi vanochengetedza ruzivo rwekadhi rechikwereti nekuratidzira PCI kutevedzera kuburikidza nePCI kutevedzera bvunzo. Gain PCI scan inoenderana nenjodzi yekuongororwa nePCI-inotenderwa scanning mutengesi. Mishumo yakadzama inoratidza maburi ekuchengetedza akafumurwa nemutengesi wedu 30,000+. Miedzo uye ine zvinogoneka kugadzirisa kurudziro.
Yepamutemo PCI Security Standards Council Saiti:
https://www.pcisecuritystandards.org/
Chii chinonzi Payment Card Industry Data Security Standard (PCI-DSS)?
Ziva izvo zvekutanga zvePCI-DSS kutevedzera - dzidza kuchengetedza data rekadhi rekubhadhara rine hunyanzvi, kusangana nemirayiridzo yeindasitiri, uye kubhadhara zviri nyore.
Iyo Payment Kadhi Indasitiri Data Security Standard (PCI-DSS) seti yezvekuchengetedza zvinodiwa kumakambani anogadzira, anochengeta, uye anoendesa ruzivo rwekiredhiti nekadhi rechikwereti. Inoshanda kune chero sangano rinogamuchira makadhi ekubhadhara akabatwa nemhando dzemakadhi makuru - Visa, Mastercard, American Express, Discover, uye JCB. Kuteedzera nePCI-DSS kunobatsira mabhizinesi kuchengetedza yakavanzika kadhi rekubhadhara data kubva kune kusingatenderwe kuwana pamberi pekutyisidzira kunogara kuchiitika cyber.
Chii chinonzi PCI-DSS?
PCI-DSS chiyero chekuchengetedza chepasirese chine chinangwa chekuchengetedza kugadzirisa, kuchengetedza, uye kuendesa data kadhi rekubhadhara. Yakanga yakagadzirirwa kuchengetedza ruzivo rwevatengi data kubva pakubiridzira uye kumwe kutyisidzira kwekuchengetedza. Iyo Payment Card Indasitiri Security Standards Council (PCI SSC) inosimbisa mwero uye inoshanda kune chero sangano rinotengesa, zvitoro, maitiro, kana kutumira ruzivo rwekadhi rechikwereti. Nekuda kwehutera hwekuchengetedza masisitimu, kutevedzera PCI-DSS zviyero zvinobatsira mabhizinesi kuderedza njodzi yezviitiko zvehutsotsi, sekuba zvitupa uye kuburitswa kwedata.
Sei PCI-DSS kutevedzera kwakakosha?
Kuteerera kwePCI-DSS kwakakosha kuchengetedza data revatengi rine hanya, uye angangoita mabhizinesi ese anobata ruzivo rwekadhi rekubhadhara anofanira kutevedzera aya mazinga. Kusateera kunogona kutungamira kumafaindi makuru, kuburitswa kwedata rako pachako, uye kukuvadzwa mukurumbira. Kutevedzwa kwemitemo kunobatsirawo masangano kuderedza njodzi yekubiridzirwa nekuona kuti makadhi ekubhadhara akachengetedzwa zvakasimba uye ari echizvino-zvino.
Ndezvipi zvikamu zvechiyero?
The PCI-DSS chiyero inosanganisira gumi nemaviri epakati zvikamu izvo zvinovhara huwandu hwakawanda hwemaitiro uye zviitiko zvine chekuita nekuchengetedza data kubata. Izvi zvikamu zvinosanganisira kuvaka nekuchengetedza network yakachengetedzwa, kuchengetedza data rine makadhi, kuita matanho akasimba ekudzora kuwana, kugara achitarisa chiitiko chetiweki uye kuyedza masisitimu ekuchengetedza, kuita mitemo yekuchengetedza yemuviri, kuve nehurongwa hwekupindura chiitiko, uye kutevedzera mitemo yekuchengetedza ruzivo.
Ndinoita sei kuti PCI-DSS ienderane?
Kuve PCI-DSS inoenderana inzira yakawanda-nhanho. Zvinosanganisira kuwana nhungamiro uye zviyero kubva kuPCI Security Council, kuvaka chirongwa chako chekuteerera uye mhinduro dzekusangana nemirayiridzo yakadaro, kuendesa mhinduro dzako kukanzuru kuti iongororwe uye kubvumidzwa, kuvandudza masisitimu ekuchengetedza nguva nenguva kuti aenderane nemaitiro matsva akanakisa uye mafambiro emusika, uye kuenderera mberi nekutarisa chero njodzi dzinogona kuitika dzine chekuita nedata remuridzi wemakadhi kuti ridzivirire.
Maitiro akanakisa ekuchengetedza kutevedzera PCI-DSS
Kuchengetedza kutevedza kwePCI-DSS kunoda kushanda nesimba uye kushingaira. Mamwe maitiro akanakisa ekuenderera mberi nekuteedzera anosanganisira kugadzira yakazara chengetedzo mitemo; kushandisa masisitimu ekuchengeta, kugadzirisa, uye kutumira data rekiredhiti kadhi zvakachengeteka; encrypting dataholder data kana yachengetwa kana kutamiswa; nguva dzose kuongorora mitemo yekuwana data uye maitiro; uye kutarisa kuchengetedzwa kwetiweki. Aya matanho achabatsira sangano rako kuti rirambe riri pamusoro pekudzivirira kutyora kwedata uye kuchengetedza PCI-DSS kutevedzera mune ramangwana.
Kuvhura Mabhenefiti ePCI DSS Kutevedzera: Kuwedzera Kuchengetedzeka uye Kuvaka Trust
Iwe une hanya nezve kuchengetedzwa kwevatengi vako data? Uri kunetseka here kuti kutyora data kunogona kukanganisa zita rako uye kukanganisa kuvimba? PCI DSS kutevedzera inogona kubata kiyi yerunyararo rwepfungwa dzako. Munyika yanhasi yakabatana, umo kutyisidzira kwecyber kuri kubuda zvinotyisa, kuchengetedza ruzivo rwakadzama kwakakosha kupfuura nakare kose.
Muchikamu chino, tichaongorora mabhenefiti ePCI DSS kutevedzera uye kuti inogona sei kuwedzera nhanho dzako dzekuchengetedza uye kuvaka kuvimba nevatengi vako. PCI DSS, kana Kubhadhara Kadhi Indasitiri Data Security Standard, seti yenhungamiro inova nechokwadi chekubata kwakachengeteka kweruzivo rwekadhi rechikwereti. Nekutevedzera izvi zvinodiwa, mabhizinesi anogona kuderedza zvakanyanya njodzi yekutyorwa kwedata, kuzvidzivirira ivo nevatengi vavo.
Hakusi chete kuti kutevedzera kwePCI DSS kunowedzera kuchengetedzwa kwako, asi zvakare kunosimudzira kuvimba nevatengi vako. Kuziva kuti ruzivo rwavo rwemunhu uye rwemari rwakachengeteka, vatengi vanogona kusarudza bhizinesi rako pamusoro pevakwikwidzi uye vanove nerunyararo rwepfungwa pavanenge vachiita newe online kana muchitoro.
Joinha isu patinenge tichiongorora zvakanakira kutevedzera PCI DSS uye dzidza kuti inogona kuchengetedza sei data rako uchivaka kuvimbana nevatengi vako.
Kunzwisisa kukosha kwekuteerera kwePCI DSS
Kuwedzera kuvimba netekinoroji uye kusimukira kwekutengeserana kwepamhepo kwaita kuti mabhizinesi asangane nekutyorwa kwedata uye kurwisa-cyber. Migumisiro yekutyora inogona kuva yakaipa, kwete chete maererano nekurasikirwa kwemari asiwo maererano nekukuvadzwa kwemukurumbira uye kurasikirwa kwevatengi kuvimba. Apa ndipo apo PCI DSS kutevedzera kunova kwakakosha.
Kuteerera kwePCI DSS kunopa hwaro hwakakwana hwemabhizinesi kuchengetedza data ravo rekadhi rekubhadhara. Inovhara zvinhu zvakasiyana-siyana, zvinosanganisira kuchengetedzwa kwetiweki, encryption yedata, kutonga kwekuwana, uye kugara uchitarisa. Nekuita matanho aya, mabhizinesi anogona kuchengetedza ruzivo rwevatengi vavo kubva kune vasina mvumo kana kuba.
Benefits yekuve PCI DSS inoenderana
Kuwana uye kuchengetedza PCI DSS kutevedzera kunouya neakasiyana mabhenefiti kumabhizinesi. Chekutanga, inoderedza zvakanyanya njodzi yekutyora data. Nekushandisa matanho ekuchengetedza anotsanangurwa muyero, makambani anogona kusimbisa dziviriro yavo kubva kutyisidziro yecyber uye kuchengetedza data revatengi vavo.
Uyezve, kuve PCI DSS inoenderana inosimudzira mukurumbira wako uye inovaka kuvimba kwevatengi. Muzera ranhasi redhijitari, vatengi vari kuwedzera kuziva nezve njodzi dzekugovana ruzivo rwavo rwemunhu uye rwemari. Nekuratidza kuzvipira kwako kukuchengetedza data kuburikidza nekuteerera, unovimbisa vatengi vako kuti ruzivo rwavo rwakachengeteka mumaoko ako.
Zvakare, PCI DSS kutevedzera kunogona kubatsirawo mabhizinesi kugadzirisa mashandiro avo. Iyo chiyero inokurudzira kushandisa akachengeteka matekinoroji uye maitiro, kuvandudza kushanda zvakanaka, uye kuderedza njodzi yekukanganisa kana kusashanda kwehurongwa. Izvi, zvakare, zvinogona kukonzera kuchengetwa kwemutengo uye kuwedzera ruzivo rwevatengi.
Maitiro ekuve PCI DSS inoenderana
Kuve PCI DSS inoenderana inoda kunyatsoronga uye kuita. Maitiro acho anogona kusiyana zvichienderana nehukuru uye kuoma kwebhizinesi rako, asi matanho akakosha anoramba akafanana.
Nhanho yekutanga ndeyekuongorora matanho ako ekuchengetedza uye kuona maburi kana kusasimba. Izvi zvinosanganisira kunyatsoongorora masisitimu ako, network, uye maapplication anobata data rekadhi rekubhadhara. Kunzwisisa kuti data inoyerera sei kuburikidza nesangano rako uye kwainochengetwa kana kutumirwa kwakakosha.
Tevere, iwe unofanirwa kugadzirisa chero kusadzivirirwa kwakaonekwa uye kushandisa anodiwa ekuchengetedza ekudzivirira. Izvi zvinogona kusanganisira kukwidziridza masisitimu ako, kuita encryption matekinoroji, kana kuwedzera network segmentation. Izvo zvakakosha kuti uteedzere izvo chaizvo zvinodikanwa zvinotsanangurwa muPCI DSS chiyero uye kuona kuti ese anodiwa ekutonga aripo.
Kana zvidzoreso zvekuchengetedza zvaitwa, unofanirwa kusimbisa kutevedza kwako kuburikidza nekunyatsoongorora. Izvi zvinowanzobatanidza kuita Qualified Security Assessor (QSA) kana kuita ongororo yemukati uchishandisa PCI DSS Self-Assessment Questionnaire (SAQ). Ongororo yacho inoongorora kutevedzera kwako chiyero uye kuona chero nzvimbo dzinoda kumwe kuvandudzwa.
Zvinodiwa zvakakosha zvePCI DSS kutevedzera
PCI DSS kutevedzera ine gumi nembiri zvakakosha izvo mabhizinesi anofanirwa kutevedzera. Izvi zvinodikanwa zvinofukidza zvakasiyana-siyana zvekuchengetedza data uye zvinopa hurongwa hwakakwana hwekuchengetedza kadhi rekubhadhara data. Zvimwe zvezvinodikanwa zvakakosha zvinosanganisira:
1. Isa uye chengetedza gadziriso yefirewall kuchengetedza data rine makadhi.
2. Shandisa encryption yakasimba kuchengetedza kutapurirana kwekadhi data pane yakavhurika, network yeruzhinji.
3. Shandisa zvidzoreso zvekupinda kuti udzivise kuwana data rine makadhi pane chinodiwa-kuziva.
4. Monitor uye kuyedza network kuti uone uye upindure kune kusadzivirirwa kwekuchengetedza kana kutyisidzira.
Kunzwisisa zvinodiwa nesangano rako uye kuona kuti zvese zvinodikanwa zvinodzora zviripo kuti zvisangane nechiyero kwakakosha.
Maitiro akanakisa ekuchengetedza PCI DSS kutevedzera
Kuzadzikisa kutevedza kwePCI DSS hakusi kuedza kwekamwe chete asi chiitiko chinoenderera. Kuti vachengetedze kuteerana, mabhizinesi anofanirwa kumisa maitiro akasimba ekuchengetedza uye kugara achitarisa masisitimu avo kune kusasimba kana kushaya simba. Heano mamwe akanakisa maitiro ekukubatsira iwe kuchengetedza PCI DSS kutevedzera:
1. Shandisa nguva dzose kuchengetedza zvigadziriso uye zvigamba zvemasisitimu ako uye maapplication.
2. Ita ongororo yenguva dzose yekusagadzikana uye kuongororwa kwekupinda kuti uone uye kugadzirisa chero kusasimba kwekuchengetedza.
3. Tarisa uye nyora zvese zviitwa zvehurongwa kuti uone uye upindure kune zvinofungirwa kana zvisingatenderwe zviitiko.
4. Dzidzisa vashandi vako nezvezvakanakisa zvekuchengetedza data maitiro uye upe zvirongwa zvekuzivisa nguva dzose kuti uvazivise nezvezvinotyisidzira nekusagadzikana.
Nekutevedzera aya akanakisa maitiro, mabhizinesi anogona kuve nechokwadi chekuti nhanho dzedziviriro dzave dzemazuva ano uye dzinoshanda mukuchengetedza data rekadhi rekubhadhara.
Matambudziko akajairika mukuwana nekuchengetedza kutevedza
Nepo PCI DSS kutevedzera kwakakosha pakuchengetedza data, zvinogona kunetsa kuti mabhizinesi asvike nekuchengetedza. Mamwe matambudziko akajairika anosanganisira:
1. Kuoma: Iyo PCI DSS chiyero inogona kuve yakaoma, kunyanya kune mabhizinesi madiki ane mashoma zviwanikwa uye hunyanzvi mukuchengetedza data.
2. Mutengo: Kuita zvinodikanwa zvekuchengetedza zvidzoreso uye matekinoroji zvinogona kudhura, kunyanya kumabhizinesi ane mabhajeti akaomarara.
3. Chikumbiro: PCI DSS kutevedza kunongopfuura masystem ekubhadhara chete. Inovhara masisitimu ese uye network inobata data rekubhadhara kadhi, izvo zvinogona kunetsa kuziva nekuchengetedza.
4. Kutyisidzira kuri kubuda: Kutyisidzirwa neCyber kunogara kuchishanduka, uye mabhizinesi anofanirwa kugara achigadziridzwa neazvino maitiro ekuchengetedza kuchengetedza data ravo zvinobudirira.
Kukunda zvipingamupinyi izvi kunoda nzira inobatika yekuchengetedzwa kwedata uye kuzvipira kuenderera mberi nekuvandudza.
Basa retekinoroji mukuzadzisa PCI DSS kutevedzera
Tekinoroji inoita basa rakakosha mukuwana nekuchengetedza PCI DSS kutevedza. Mabhizinesi anofanirwa kukwidziridza maturusi akakodzera uye mhinduro kuchengetedza data revatengi vavo, kubva kune yakachengeteka yekubhadhara magedhi kuenda kune encryption matekinoroji.
Encryption matekinoroji, akadai seSSL/TLS, shuwa kuti data inofambiswa pakati pebrowser yemutengi neseva yakavharidzirwa uye yakachengeteka. Magedhi ekubhadhara akachengeteka anopa nharaunda yakachengeteka yekugadzirisa data kadhi rekubhadhara, kuderedza njodzi yekubira kana kuba.
Uyezve, matekinoroji akaita senge intrusion yekuona nekudzivirira masisitimu (IDPS) uye ruzivo rwekuchengetedza uye chiitiko manejimendi (SIEM) mhinduro dzinogona kubatsira mabhizinesi kutarisa network yavo uye nzira dzekufungidzira zviitiko kana kutyora kuchengetedza.
Nekushandisa tekinoroji chaiyo, mabhizinesi anogona kukwidziridza chimiro chavo chekuchengetedza uye kusangana nezvinodiwa zvePCI DSS kutevedzera zvinobudirira.
Kuvaka kuvimba nevatengi kuburikidza nePCI DSS kutevedzera
Kuvaka kuvimba kwevatengi kwakakosha pakubudirira mune yanhasi inokwikwidza bhizinesi mamiriro. PCI DSS kutevedzera inoita basa rakakosha mukusimudzira kuvimba nekuona kuchengetedzeka kweruzivo rwevatengi.
Vatengi vanonzwa vane chivimbo chakanyanya kugovera ruzivo rwekadhi rechikwereti Pavanoona bhizinesi rinoenderana nePCI DSS. Vanoziva kuti data ravo rinobatwa zvakachengeteka, uye kambani inochengetedza zvakavanzika zvavo.
Zvakare, kuve PCI DSS inoenderana inoratidzawo kuzvipira kune data kuchengetedza uye kuvanzika kwevatengi, izvo zvinogona kusiyanisa bhizinesi rako kubva kune vanokwikwidza. Vatengi vane mukana wekusarudza bhizinesi rinoisa pamberi pekuchengetedza kwavo uye kuvanzika, zvichitungamira mukuwedzera kuvimbika uye kudzokorora bhizinesi.
Mhedziso: Kushandisa mabhenefiti ePCI DSS kutevedzera
Muzera ranhasi redhijitari, kuchengetedzwa kwedata kunonyanya kukosha. Kuteerera kwePCI DSS kunopa mabhizinesi nehurongwa hwakazara hwekuchengetedza kadhi rekubhadhara data uye kuderedza njodzi yekutyorwa kwedata. Makambani anogona kunakidzwa nemabhenefiti akasiyana nekuwana nekuchengetedza kuteerana, kusanganisira kuchengetedzeka kwakawedzera, kuvimbwa kwevatengi kwakagadziridzwa, uye mashandiro akakwenenzverwa.
Nekudaro, kuwana nekuchengetedza PCI DSS kutevedzera kunogona kuve kwakaoma, kunoda kunyatsoronga, kuita, uye kuenderera mberi kwekutarisa. Kushandisa tekinoroji chaiyo uye maitiro akanaka kwakakosha kuti ubudirire.
Mukupedzisa, PCI DSS kutevedzera hakusi kungoita zvekutonga asi kudyara mukuchengetedza uye mukurumbira webhizinesi rako. Nekuisa pamberi kuchengetedza data uye kuratidza kuzvipira kwako kuchengetedza ruzivo rwevatengi, unogona kuvhura mabhenefiti ekuteerera kwePCI DSS uye kuvaka kuvimba nevatengi vako munyika yanhasi yakabatana.
Isu tiri Imwe Yevashoma Makambani Ane Vatema Tech Makambani Anoshanda Munyika Dzose makumi mashanu:
Alabama Ala AL, Alaska Alaska AK, Arizona Ariz AZ, Arkansas Ark AR, California Calif CA, Canal Zone CZ CZ, Colo. Florida Fla. FL, Georgia Ga. GA, Guam Guam GU, Hawaii Hawaii HI, Idaho Idaho ID, Illinois Ill. IL, Indiana, Ind. IN, Iowa, Iowa IA, Kansas Kan. KS, Kentucky Ky. KY, Louisiana La LA, Maine, Maine ME, Maryland, Md. MD, Massachusetts, Mass. MA, Michigan Mich MI, Minnesota Minn. MN, Mississippi Miss MS, Missouri, MO, Montana, Mont. MT, Nebraska Neb. NE, Nevada Nev. NV, New Hampshire NHNH, New Jersey NJ NJ, New Mexico NMNM, New York NY NY, North Carolina NCNC, North Dakota NDND, Ohio, Ohio OH, Oklahoma, Okla. Ore.OR, Pennsylvania Pa. PA, Puerto Rico PR PR, Rhode Island RI RI, South Carolina SC SC, South Dakota SDSD, Tennessee Tenn. TN, Texas Texas TX, Utah UT, Vermont Vt. VT, Virgin Islands VI VI, Virginia Va. VA, Washington Wash. WA, West Virginia W.Va. WV, Wisconsin Wis. WI, uye Wyoming Wyo.
