PCI-DSS compliance controls

PCI-DSS compliance controls provide enhancements that help you with payment card industry (PCI) compliance for your workspace.

PCI-DSS compliance controls requires enabling the compliance security profile, which adds monitoring agents, enforces instance types for inter-node encryption, provides a hardened compute image, and other features. For technical details, see Enable the compliance security profile.

Requirements

  • Your Databricks account must include the Enhanced Security and Compliance add-on. For details, see the pricing page.

  • Your Databricks workspace is on the E2 version of the platform.

  • Your Databricks workspace is on the Enterprise tier.

  • Single sign-on (SSO) authentication is configured for the workspace.

  • Enabling the compliance security profile at the account level or for specific workspaces.

Enable PCI-DSS compliance controls

To configure your account or workspace to support processing of data regulated by the PCI-DSS standard, enable the compliance security profile. One of those steps includes contacting your Databricks representative. When you do so, also request the PCI compliance controls. You will receive additional information and agreements to sign. You will have to decide whether to enable account or workspace-level enablement for specific workspaces, and the order form must specify this information.

Preview features that are supported for processing credit card payment data

The following preview features are supported for processing of processing credit card payment data:

Does Databricks permit the processing of credit card payment data on Databricks?

Databricks permits the processing of credit card payment data under the condition of a signed agreement. Contact your Databricks representative for more information.