The Payment Card Industry (PCI) Data Security Standard (DSS) was created by major credit card companies to combat the rise of security breaches against credit card account data. With strict enforcement of secure servers and network environments, the PCI DSS aims to keep credit cardholder data safe and secure. Organizations involved in credit card transaction processing, must comply with PCI DSS.
Making sure your IBM i or iSeries server is compliant with PCI DSS begins with knowing what critical data resides on your server. If the system is used in any way for credit card transaction processing, PCI regulations need to be taken into account.
Most likely, a good place to start with your PCI compliance enforcement is tightening up user profile administration. Often, you will find unused user profiles, too many powerful user profiles, and user profiles with default passwords. Getting these user profiles under control helps you ensure that users have access to only one user profile account and that each user has only the authority needed to do their job.