Cato Networks has announced it achieved compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) v4.0—becoming the first SASE platform vendor to do so.

As part of this achievement, the Cato SASE Cloud Platform underwent rigorous inspection and met stringent requirements to obtain PCI DSS Service Provider Level 1 certification.

“Becoming the first SASE platform vendor to achieve PCI DSS v4.0 compliance highlights the power of the Cato SASE Cloud Platform,” said Daniel Liber, chief information security officer and data protection officer at Cato Networks. “One night, customers went to sleep and by morning, their infrastructure met PCI requirements. No fuss. No mess.” 

The PCI DSS is a global standard that establishes a baseline of technical and operational requirements for protecting payment data. PCI DSS v4.0 is the next evolution of the standard, furthering the protection of payment data with new controls to address sophisticated attacks.

To achieve PCI DSS Service Provider Level 1 certification, service providers must build and maintain secure networks and systems, implement strong access controls, and regularly monitor and test networks.  

What typically takes service providers a year to accomplish, Cato completed in just a few months with minimal technical changes thanks to its robust existing internal controls. “Our internal security measures were already strong enough for the auditors, making the transition to PCI DS v4.0 compliance seamless,” said Liber.  

While PCI DSS compliance is mandatory for organisations that store, process, or transmit cardholder data, enterprises across all industries benefit from its rigorous security controls and validation processes. 

To learn more about Cato’s compliance with PCI DSS v4.0 and other regulations, visit here.

To read more Eskenzi news, click here.