Knowledge Base

PCI DSS Compliance

 
administrator guideplesk administrationsecuring pleskencryptionmail 2

The PCI Data Security Standard (PCI DSS)

The PCI DSS is a security standard that helps organizations to
proactively protect customer account data. The standard constantly
evolves to remain viable in today’s rapidly changing Internet and
computing environment. It is reviewed at least every 24 months, and can
be updated at any time. To learn more about the standard, visit
www.pcisecuritystandards.org.

Compliance with PCI DSS and PA DSS

Credit card companies require compliance with PCI DSS for every entity
that is involved in the storage, processing, or transmission of credit
card information. Failure to comply can result in denial or revocation
of your organization’s facility to process credit cards.

Furthermore, as these standards have become widely recognized,
non-compliance places your organization at risk of legal and/or civil
consequences if credit card information becomes compromised.

Compliance with PCI DSS is necessary whether or not you use Plesk to
process transactions online. Even if you use a POS terminal or other
methods to process transactions, and simply retain information in Plesk,
you must ensure proper use of the program to maintain the security and
confidentiality of customer data.

Since July 1, 2010, Credit Card Processors and Bank Card Acquirers have
had to ensure that merchants and agents use only Payment Application
Data Security Standard (PA DSS) compliant applications. Plesk is
certified as compliant under the security standard that applies to
software vendors that develop applications for sale to merchants to
process and/or store cardholder data.

Plesk PCI DSS Compliance

To protect sensitive data hosted on your server and to make Plesk PCI
DSS compliant, you should implement special security measures.
Regardless of an operating system type you use, the measures are as
follows:

  • Ensure that software incorporates all security updates.
  • Set up encryption of remote connections.
  • Prohibit access to databases server from external addresses.
  • Disable weak SSL/TLS/TLS ciphers and protocols for web servers, mail
    servers, and components.
  • Prevent services from disclosing information about your data and
    versions of software you use.
Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

© 2024 WebPros International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of WebPros International GmbH.

Managed with love with Plesk WP Toolkit