The production SiteSphere platform has recently gained PCI compliance for enhanced payment account data security. The compliance relates to security management, policies, procedures, network architecture, software design and other critical measures for the company’s ‘SiteSphere’ CMS and e-commerce platform. Through this comprehensive standard ActiveBrand demonstrates its commitment to proactively help maintain consistent data security measures on a global basis, and protect customer account data.

The PCI DSS is a set of continuously developing comprehensive requirements for enhancing payment account data security, developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.

Key requirements:

Build and Maintain a Secure Network

Install and maintain a firewall configuration to protect cardholder data

Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

Protect stored cardholder data

Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

Use and regularly update anti-virus software

Develop and maintain secure systems and applications

Implement Strong Access Control Measures

Restrict access to cardholder data by business need-to-know

Assign a unique ID to each person with computer access

Restrict physical access to cardholder data

Regularly Monitor and Test Networks

Track and monitor all access to network resources and cardholder data

Regularly test security systems and processes

Maintain an Information Security Policy

Maintain a policy that addresses information security