Definition

cardholder data environment (CDE)

Contributor(s): Sharon Shea

A cardholder data environment (CDE) is a computer system or networked group of IT systems that processes, stores and/or transmits cardholder data or sensitive payment authentication data. A CDE also includes any component that directly connects to or supports this network.

The Payment Card Industry Data Security Standard (PCI DSS) includes specific requirements for securing electronic payment and authentication data residing on all physical and virtual components in the CDE, including:

Most data breaches  in the retail sector involve a compromise of the cardholder data environment. To that end, the PCI DSS requires a variety of controls to secure the CDE, including network segmentation. If the size and scope of the cardholder data environment is minimal and is adequately isolated using technology and rule sets, it will reduce the likelihood of a data breach.

This was last updated in May 2014

Dig Deeper on PCI Data Security Standard

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

  • CIO Trends #6: Nordics

    In this e-guide, read how the High North and Baltic Sea collaboration is about to undergo a serious and redefining makeover to ...

  • CIO Trends #6: Middle East

    In this e-guide we look at the role of information technology as the Arabian Gulf commits billions of dollars to building more ...

  • CIO Trends #6: Benelux

    In this e-guide, read about the Netherlands' coalition government's four year plan which includes the term 'cyber' no fewer than ...

Close