Home
Payment Card Industry (PCI) Add-on User Guide
BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
Overview
HCL BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based on the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
What's new in PCI DSS content update release
HCL BigFix Compliance PCI Add-on provides additional support and enhancement in the recent update.
PCI DSS 4.0
On March 31, 2022, PCI Security Standards Council (PCI SSC) released PCI Data Security Standard (PCI DSS) version 4.0. The PCI DSS is a global standard that establishes a baseline of technical and operational standards for protecting account data. The PCI DSS version 4.0 supersedes PCI DSS version 3.2.1 to address emerging threats and technologies better and provide innovative ways to mitigate new security risks.

Payment Card Industry (PCI) Add-on User Guide
BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
- Overview
  HCL BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based on the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
  - PCI DSS overview
    HCL BigFix Compliance PCI Add-on provides checklists for PCI compliance. The Payment Card Industry Data Security Standard (PCI DSS) is a baseline of technical and organizational requirements that are related to the Payment Card Industry.
  - What's new in PCI DSS content update release
    HCL BigFix Compliance PCI Add-on provides additional support and enhancement in the recent update.
    - PCI DSS 4.0
      On March 31, 2022, PCI Security Standards Council (PCI SSC) released PCI Data Security Standard (PCI DSS) version 4.0. The PCI DSS is a global standard that establishes a baseline of technical and operational standards for protecting account data. The PCI DSS version 4.0 supersedes PCI DSS version 3.2.1 to address emerging threats and technologies better and provide innovative ways to mitigate new security risks.
  - PCI DSS checklists
    SCM is organized through checklists that assess and manage the endpoint and server configurations. Each compliance checklist is distributed by BigFix as an external Fixlet site.
  - PCI DSS policies
    BigFix Compliance Analytics V2.0.9 releases a new policy reporting capability, which provides an aggregated view of compliance from a PCI DSS Requirement or PCI DSS Milestone report perspective.
  - Key users
    Learn how users use the PCI DSS checklists for their role.
- Setup
  Complete configuration steps to access the PCI DSS checklists and checks and ensure accurate relevance evaluation on the endpoints.
- Using checks and checklists
  The check Fixlets in Configuration Management checklists assess an endpoint against a configuration standard. Many check Fixlets have a corresponding analysis, sometimes referred to as measured values, that report the value of the element that the check Fixlet evaluates.
- Understanding the results in BigFix Compliance Analytics
  Use BigFix Compliance Analytics (formerly known as Security and Compliance Analytics or SCA) to navigate and explore security configuration check results.
- Resources
  You can find more information about Security Configuration Management and PCI DSS in the following resources.

PCI DSS 4.0

On March 31, 2022, PCI Security Standards Council (PCI SSC) released PCI Data Security Standard (PCI DSS) version 4.0. The PCI DSS is a global standard that establishes a baseline of technical and operational standards for protecting account data. The PCI DSS version 4.0 supersedes PCI DSS version 3.2.1 to address emerging threats and technologies better and provide innovative ways to mitigate new security risks.

To get more details on PCI DSS version 4.0 which is the next generation of the standard, refer to Resource Hub.

BigFix released PCS DSS V4.0 for different platforms.

The main highlights of the PCI DSS version 4.0 checklist includes:: Increased number of Fixlets are now included in the standard.; Increased number of sub-requirements and milestones.; Increased remediation count.

Note: Effective March 31, 2024, PCI DSS version 3.2.1 will end its support, and PCI DSS v4.0 will become the only active version of the standard. However, the existing version of PCI DSS version 3.2.1 will remain valid for two years until its discontinuation on March 31, 2024. During this period, organizations has to grasp the changes in PCI DSS version 4.0 and implement any necessary adjustments.

To get the details about the latest release of PCI DSS version 4.0, see Release announcement PCI Add-on.