PCI DSS Compliance
The Mykonos Framework is the fastest and most thorough method to ensure your development team complies with PCI DSS Requirement 6. This requirement states that companies must ‘Develop and maintain secure systems and applications’.
The Payment Card Industry Data Security Standard (PCI DSS) lays out a number of requirements for applications that process credit card information. Failure to comply with these requirements can result in serious consequences, especially after a breach has occurred.
PCI DSS is concerned with data security, and naturally has a great deal to say about how to build and manage the presentation layer. Using the Mykonos Framework, developers and security administrators can ensure that the presentation layer is secure and compliant.
To help with PCI DSS compliance, the table below lists the relevant requirements and the corresponding features of the Mykonos products.
| Req | Description | Relevant Mykonos feature |
|---|---|---|
| 6.1 | Keep systems patched and up to date | Managed update service |
| 6.2 | Subscribe to an external security alert service | Management console |
| 6.5 | Code against the OWASP Top 10 | Mykonos Framework covers the entire OWASP Top 10, including XSS filtering, input validation, session management, encryption, authorization, and access control |
| 7.1 | Ensure only appropriate roles have access to CC data | Authorization, Access control |
| 7.2 | Ensure everyone is denied access to CC data by default | Authorization, Access control |
