PCI DSS v4.0
This page describes PCI DSS v4.0 compliance controls in Databricks.
PCI DSS overview
PCI DSS (Payment Card Industry Data Security Standard) is a global standard for organizations that store, process, or transmit credit card information. It mandates strict security controls to protect cardholder data.
Key points
- Applies to merchants and service providers handling payment card data.
- Requires regular vulnerability assessments and penetration testing.
- Enforces encryption, access controls, and monitoring.
Enable PCI DSS compliance controls
To process data regulated by PCI DSS in a workspace, the workspace must have the compliance security profile enabled. Only specific preview features are supported for processing regulated data. For details on the compliance security profile, supported preview features, and supported regions, see Compliance security profile.
Ensure that sensitive information is never entered in customer-defined input fields, such as workspace names, compute resource names, tags, job names, job run names, network names, credential names, storage account names, and Git repository IDs or URLs. These fields might be stored, processed, or accessed outside the compliance boundary.
To enable PCI compliance controls, see Configure enhanced security and compliance settings.