PCI DSS REQUIREMENTS
The PCI Data Security Standard consists of 12 requirements that have been laid down under 6 different categories.
Objectives and PCI-DSS Requirements
Build and Maintain a Secure Network and Systems
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
- Protect all systems against malware and regularly update anti-virus software or programs
- Develop and maintain secure systems and applications
Implement Strong Access Control Measures
- Restrict access to cardholder data by business need to know
- Identify and authenticate access to system components
- Restrict physical access to cardholder data
Regularly Monitor and Test Networks
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
Maintain an Information Security Policy
- Maintain a policy that addresses information security for all personnel