Yugabyte Achieves PCI DSS Level 1 Compliance, Validating Secure and Scalable Distributed PostgreSQL for Financial Institutes
SUNNYVALE, Calif., March 14, 2024 —Yugabyte, the distributed PostgreSQL database company for cloud native applications, today announced that it successfully achieved PCI DSS compliance, becoming a PCI DSS Level 1 Service Provider for the fully-managed DBaaS offering of YugabyteDB. The certification paves the way for fintechs and financial institutions to accelerate their database modernization initiatives with YugabyteDB.
The Payment Card Industry Data Security Standard (PCI DSS) is the most prevalent industry-recognized security standard related to the storage, transmission, and processing of cardholder data. It is designed to enhance the security of cardholder data and reduce the risk of data breaches, protecting consumers and businesses from financial fraud. Yugabyte achieved Level 1, the highest level of PCI DSS certification, reaffirming its commitment to helping financial institutions seamlessly process unlimited transactions and credit card data.
“In today’s digital age, protecting sensitive financial data is non-negotiable. The Payment Card Industry Data Security Standard serves as the industry’s gold standard for safeguarding cardholder information, ensuring robust security measures are in place throughout the entire payment processing ecosystem,” said Jay Duraisamy, SVP Technology, Data & Analytics at Fiserv. “Achieving PCI DSS certification demonstrates a vendor’s unwavering commitment to data security, building trust with customers and partners alike.”
To achieve Level 1 compliance, YugabyteDB’s security controls were tested by an independent Qualified Security Assessor (QSA). The assessment included a review of YugabyteDB’s technical controls as well as company policies and procedures. The independent QSA deemed that Yugabyte’s information security program was in compliance with all applicable PCI DSS requirements.
“Reaching PCI DSS Level 1 compliance is a testament to Yugabyte’s dedication to delivering secure, enterprise-ready solutions for financial institutions, fintechs, and their end customers,” said Sawyer Miller, Director of Audit & Implementation Practice at risk3sixty. “By following the thorough security standards of PCI DSS, Yugabyte is well positioned to continue leading the way for users to build applications on a modern database that delivers security, reliability and the utmost protection of customers’ sensitive data.”
The PCI DSS compliance applies to Yugabyte’s high-security offering of YugabyteDB Managed, the fully-managed version of YugabyteDB hosted and managed by Yugabyte. Users of the self-managed or open source versions of YugabyteDB can deploy a PCI-compliant solution by meeting the necessary requirements around infrastructure security and deployment.
“We are excited to add PCI DSS compliance for our fully-managed YugabyteDB offering to our existing portfolio of security certifications and attestations,” said Maurice Olsen, Sr. Director of Security & Compliance, Yugabyte. “Achieving PCI DSS compliance is a testament to our commitment to securing sensitive cardholder information and building a foundation of trust with our stakeholders.”
YugabyteDB’s PCI DSS compliance follows recent ISO 22301 and 9001 certification announcements, as well as its completion of the SOC 2 Type II attestation. These certifications demonstrate Yugabyte’s commitment to delivering exceptional quality and transparent processes to customers.
To learn more about Yugabyte or YugabyteDB, please visit: www.yugabyte.com
About Yugabyte:
Yugabyte is the company behind YugabyteDB, the open-source, high-performance distributed SQL database for building global, cloud-native applications. YugabyteDB serves business-critical applications with SQL query flexibility, high performance, and cloud-native agility, thus allowing enterprises to focus on business growth instead of complex data infrastructure management. It is trusted by companies in cybersecurity, financial markets, IoT, retail, e-commerce, and other verticals. Founded in 2016 by former Facebook and Oracle engineers, Yugabyte is backed by Lightspeed Venture Partners, 8VC, Dell Technologies Capital, Sapphire Ventures, and others. Learn more information at www.yugabyte.com.
Source: Yugabyte