Payment Card Industry Data Security Standard (PCI DSS)

The Payment Card Industry Data Security Standard establishes specific standards to uphold the security of payment data. It applies to organizations that handle the acceptance, storage, and transmission of cardholder data.

The majority of PCI DSS requirements focus on monitoring and securing your network. Organizations are obligated to safeguard cardholder data, enforce access restrictions, and fulfill other obligations to attain PCI compliance. Deploying M365 Manager Plus is an effective means to accomplish these requirements and maintain PCI compliance.

The following table lists the PCI compliance requirements and M365 Manager Plus reports that help meet them.

Section Description Reports
3 (3.1, 3.2) Protect stored cardholder data
  • User Logon Activity
  • Recent Successful Logon
  • Recent Logon Failure
5.3 Use and regularly update anti-virus software or programs
  • Admin Roles
  • User Mailbox Security
  • Mailbox Permission Changes
6 (6.3.1, 6.4, 6.4.1, 6.4.2, 6.4.4, 6.4.5.2) Develop and maintain secure systems and applications
  • Messages by Subject
  • Mails Sent by Shared Mailbox
  • Mails Received by Shared Mailbox
7 (7.1, 7.1.3, 7.1.4, 7.2) Restrict access to cardholder data by business need to know
  • OneDrive Events Log
  • Messages by Subject
  • Mailbox Permission Changes
  • User Mailbox Security
  • Admin Roles
8 (8.1, 8.2, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.1.8, 8.2.1, 8.2.3, 8.2.4, 8.2.5, 8.2.6, 8.4, 8.5, 8.5.1) Assign a unique ID to each person with computer access
  • Messages by Subject
  • Mails Sent by Shared Mailbox
  • Mails Received by Shared Mailbox
  • Mailbox Permission Changes
  • User Mailbox Security
  • Admin Roles
  • Mailbox Created
  • Mailbox Deleted
10 (10.1, 10.2, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 10.2.5, 10.2.6, 10.2.7,10.3, 10.6, 10.7) Track and monitor all access to network resources and cardholder data
  • Recent Logon Failure
  • OneDrive Events Log
  • User Logon Activity
  • Recent Successful Logon
11 (11.2, 11.3, 11.5) Regularly test security systems and processes
  • Mailbox Created
  • Mailbox Deleted
  • OneDrive Events Log
  • User Logon Activity

Steps to generate PCI DSS reports in M365 Manager Plus

  1. Log on to M365 Manager Plus and navigate to the Reports tab.
  2. In the left pane, click Compliance Reports.
  3. Under PCI-DSS, click the report that you wish to generate.
  4. Select the desired domain(s) and click Generate Now.

Copyright © 2023, ZOHO Corp. All Rights Reserved.