PCI DSS REQUIREMENTS
The PCI Data Security Standard consists of 12 requirements that have been laid down under 6 different categories.
Objectives and PCI-DSS Requirements
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameter
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open, public networks
- Protect all systems against malware and regularly update anti-virus software or programs
- Develop and maintain secure systems and applications
- Restrict access to cardholder data by business need to know
- Identify and authenticate access to system components
- Restrict physical access to cardholder data
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes.
Maintain a policy that addresses information security for all personnel