Posted on

An Introduction to PCI Compliance

There are plenty of reasons for enterprises that work with cardholder data to care about payment card industry (PCI) compliance. For starters, maintaining PCI compliance is an essential part of protecting cardholders, reducing fraud, and avoiding damage to your reputation. Additionally, if your organization is found not to be PCI compliant, it will be subject to financial penalties and, ultimately, not allowed to process or handle card transactions.

Achieving PCI compliance can be complex and time-consuming. For businesses that want to launch and scale quickly, the burden is onerous. To help you navigate the challenges of PCI compliance, here we’ll provide a crash course on the topic. We’ll also take a look at how Marqeta can help enterprises meet PCI data security standard (DSS) requirements and go to market quickly.

Posted on

The Shifting Cloud-Native Landscape: Understanding Kubernetes Compliance and Security Frameworks

There’s a reason why Kubernetes (K8s) has become the world’s leading container orchestration platform, with 74% of today’s IT companies using it for containerized workloads in production. It’s often the simplest way to handle container configuration, deployment, and management at scale. But while Kubernetes has made use of containers easier, it has also added complexities when it comes to security.

Kubernetes’ default configurations don’t always provide optimal security for all workloads and microservices deployed. Plus, today you are responsible not only for defending your environment against vicious cyberattacks but also for meeting a wide variety of compliance requirements.

Posted on

Data Regulations: HIPAA vs. GDPR vs. PCI

Today we're here to talk about data regulations and data compliance solutions. Why does all of this matter?

When it comes to online applications, protecting your users' data is one of your most pressing concerns. First of all, it's the right, ethical thing to do. Secondly, data leakages lead to serious reputation damage that you certainly don't want your organization to suffer. Last but not least, failing to protect users' data can lead to dire financial and legal consequences. You've heard of GDPR, right?

Posted on

What You Should Know About the PCI Software Security Framework in 2019

The Payment Card Industry Security Standards Council (PCI SSC) recently announced the new PCI Software Security Framework. The new set of standards aims to improve the security resiliency of applications that accept payments and use payment data in their ecosystems. Learn everything you need to know about the PCI Software Security Framework in this article.

What Is the PCI Software Security Framework?

The framework is a new set of standards for securing payment data against data breaches and fraud. There are standards for the secure design, development, and maintenance of modern payment solutions. The standard applies to payment software that is sold, distributed, or licensed to third parties for the purposes of supporting or facilitating payment transactions.