

COMPLIANCE
Teleport helps merchants, payment processors, and service providers protect cardholder data by establishing a unified identity layer across humans, machines, workloads, and AI agents. Cryptographic identities, per-session MFA, and identity-traceable audit logs map directly to PCI DSS v4.0 requirements for access control (Req 7), strong authentication (Req 8), and logging (Req 10) - so you can reduce CDE scope, pass QSA audits, and cut audit burden.

Access Management | ||||||
|---|---|---|---|---|---|---|
PCI DSS 4.0 Requirement | The Challenge | How Teleport Supports Compliance | ||||
Requirement 2.2: Secure system configurations | Requirement 2.2: Secure system configurations |
| ||||
Requirement 6.5: Securely manage changes to system components | Maintaining strict separation between development, testing, and production environments |
| ||||
Requirement 7.1 & 7.2: Limit access to cardholder data to authorized personnel only | Defining and enforcing role-based access control (RBAC) across complex infrastructures |
| ||||
Requirement 7.3: Use access control systems to manage local access | Inventorying and enforcing access controls across all system components and users |
| ||||
Requirement 8.1: Define and enforce user authentication | Managing unique user IDs, implementing strong authentication across all infrastructure |
| ||||
| PCI DSS 4.0 Requirement | Requirement 2.2: Secure system configurations | |||||
| The Challenge | Requirement 2.2: Secure system configurations | |||||
| How Teleport Supports Compliance |
| |||||
| PCI DSS 4.0 Requirement | Requirement 6.5: Securely manage changes to system components | |||||
| The Challenge | Maintaining strict separation between development, testing, and production environments | |||||
| How Teleport Supports Compliance |
| |||||
| PCI DSS 4.0 Requirement | Requirement 7.1 & 7.2: Limit access to cardholder data to authorized personnel only | |||||
| The Challenge | Defining and enforcing role-based access control (RBAC) across complex infrastructures | |||||
| How Teleport Supports Compliance |
| |||||
| PCI DSS 4.0 Requirement | Requirement 7.3: Use access control systems to manage local access | |||||
| The Challenge | Inventorying and enforcing access controls across all system components and users | |||||
| How Teleport Supports Compliance |
| |||||
| PCI DSS 4.0 Requirement | Requirement 8.1: Define and enforce user authentication | |||||
| The Challenge | Managing unique user IDs, implementing strong authentication across all infrastructure | |||||
| How Teleport Supports Compliance |
| |||||
Audit Logging | ||||||
|---|---|---|---|---|---|---|
PCI DSS 4.0 Requirement | The Challenge | How Teleport Supports Compliance | ||||
Requirement 10.1: Define logging and monitoring mechanisms for system access | Ensuring all access events to cardholder data are logged and linked to user identities |
| ||||
Requirement 10.2: Detect anomalies & suspicious activity | Logging all system actions, detecting and responding to access anomalies |
| ||||
| PCI DSS 4.0 Requirement | Requirement 10.1: Define logging and monitoring mechanisms for system access | |||||
| The Challenge | Ensuring all access events to cardholder data are logged and linked to user identities | |||||
| How Teleport Supports Compliance |
| |||||
| PCI DSS 4.0 Requirement | Requirement 10.2: Detect anomalies & suspicious activity | |||||
| The Challenge | Logging all system actions, detecting and responding to access anomalies | |||||
| How Teleport Supports Compliance |
| |||||
Data Protection | ||||||
|---|---|---|---|---|---|---|
PCI DSS 4.0 Requirement | The Challenge | How Teleport Supports Compliance | ||||
Requirement 4.1 & 4.2: Use strong cryptography for cardholder data during transmission | Encrypting sensitive payment data and system communications across networks |
| ||||
| PCI DSS 4.0 Requirement | Requirement 4.1 & 4.2: Use strong cryptography for cardholder data during transmission | |||||
| The Challenge | Encrypting sensitive payment data and system communications across networks | |||||
| How Teleport Supports Compliance |
| |||||
Change Controls | ||||||
|---|---|---|---|---|---|---|
PCI DSS 4.0 Requirement | The Challenge | How Teleport Supports Compliance | ||||
Requirement 6.5: Securely manage system changes and verify security impact | Preventing unauthorized changes in CI/CD pipelines and production environments |
| ||||
| PCI DSS 4.0 Requirement | Requirement 6.5: Securely manage system changes and verify security impact | |||||
| The Challenge | Preventing unauthorized changes in CI/CD pipelines and production environments | |||||
| How Teleport Supports Compliance |
| |||||
White paper
Read this white paper to learn how to address the PCI DSS 4.0 requirements that can pose the greatest challenges within complex infrastructure environments.
Discover how Teleport can solve for these requirements with powerful features like cryptographic identities, role-based access control (RBAC), granular audit logging, and more.