PgConf.Russia 2015 archive

Achieving PCI Compliance with Postgres

Denish Patel

In an attempt to protect their credit card holders from identity theft, VISA and MasterCard collaborated with American Express, Discover and JCB to develop the Payment Card Industry Data Security Standard, otherwise known as PCI DSS. PCI DSS is an industry regulation designed to mitigate risks to the integrity and confidentiality of payment card data. If a company stores customers' credit card data, it is required to follow PCI compliance guidelines. PCI regularly releases new guidelines to protect consumers' data; in Nov 2013, PCI released the PCI DSS V 3.0 standard procedures.

In the talk, I’m going to discuss guidelines and requirements from PCI DSS V 3.0 and how Postgres’s powerful security features help to address the following PCI compliance requirements by protecting data and controlling:

  • Build and Maintain a Secure Network and Systems
  • Protect Cardholder Data
  • Maintain a Vulnerability Management Program
  • Implement Strong Access Control Measures
  • Regularly Monitor and Test Networks
  • Maintain an Information Security Policy
