Home > Storage > ObjectScale and ECS > Product Documentation > ECS PCI DSS Compliance > PCI DSS Introduction
The Payment Card Industry Data Security Standard (PCI DSS) provides a baseline of security measures and processes to protect sensitive financial data. The security processes and requirements span the entire IT infrastructure.
This document focuses specifically on the PCI DSS requirements for ECS, allowing administrators to achieve PCI DSS compliance. Throughout this document, the PCI DSS requirements are addressed with respect to ECS, as illustrated in Figure 1.
For more information on the PCI DSS specification, refer to the PCI DSS Requirements and Security Assessment Procedures. The PCI DSS standard does not provide a certification of compliance to a product. Rather, the PCI DSS standard provides the security measures for configuring a product to meet compliance. Once a product is configured per the PCI DSS standard, an IT environment is assessed for PCI DSS compliance. This paper explains how an ECS cluster is configured to meet PCI DSS compliance.
In addition to the configuration steps provided in this white paper, the ECS Security Configuration Guide should be reviewed for additional security configuration and hardening considerations.