PCI DSS REQUIREMENTS

The PCI Data Security Standard consists of 12 requirements that have been laid down under 6 different categories.

Objectives

Build and Maintain a Secure Network and Systems

PCI-DSS Requirements

Z

Install and maintain a firewall configuration to protect cardholder data

Z

Do not use vendor-supplied defaults for system passwords and other security parameter

Z

Protect stored cardholder data

Protect Cardholder Data

Z

Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

Z

Protect all systems against malware and regularly update anti-virus software or programs

Z

Develop and maintain secure systems and applications

Z

Restrict access to cardholder data by business need to know

Implement Strong Access Control Measures

Z

Identify and authenticate access to system components

Z

Restrict physical access to cardholder data

Z

Track and monitor all access to network resources and cardholder data

Regularly monitor and test networks

Z

Regularly test security systems and processes.

Maintain an Information Security Policy Maintain a policy that addresses information security for all personnel

Z

Maintain a policy that addresses information security for all personnel