Ensure that access to cardholder data environments is protected, controlled and auditable

Privileged accounts represent one of the most important aspects of protecting cardholder data. They are pervasive throughout IT environments and hold the highest levels of access to sensitive information and controls within an organization. For example, an attacker or malicious insider who gains access to a privileged account in a cardholder data environment could access and manipulate an entire credit card database, steal credit card information, and expose transactional data.

Therefore, it’s no surprise that the Payment Card Industry Data Security Standard (PCI DSS) includes extensive requirements related to securing privileged accounts in cardholder data environments. The CyberArk Privileged Account Security Solution helps organizations address PCI requirements and protect against external and insider threats by securing privileged accounts in cardholder data environments.  CyberArk solutions address the complete range of PCI DSS 3.0 requirements related to privileged access including:

  • Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
  • Requirement 7: Restrict access to cardholder data by business need to know
  • Requirement 8: Identify and authenticate access system components
  • Requirement 10: Track and monitor all access to network resources and cardholder data

Key Benefits:

  • Protect all system components included in or connected to the cardholder data environment, whether on-premises or in the cloud
  • Increase situational awareness and visibility of privileged access to cardholder data
  • Create accountability and control over privileged account usage
  • Secure cardholder data at rest or in transit
  • Reduce PCI audit and compliance resource requirements and costs