Payment Card Industry (PCI) Data Security Standard – PCI DSS – is a set of requirements designed to ensure that all companies involving in credit card transactions maintain a secure environment to eliminate the potential risk of data theft. The exponential growth in the on line business attracts never ending security issues and it warrants redefinition of PCI DSS standards on a regular basis.
SupportSages PCI compliance services help you to achieve the following twelve requirements to become a PCI DSS compliance entity.
BUILD AND MAINTAIN A SECURE NETWORK
Requirement 1: Install and maintain a firewall configuration to protect card holder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
PROTECT CARDHOLDER DATA
Requirement 3: Protect stored card holder data
Requirement 4: Encrypt transmission of card holder data across open, public networks
MAINTAIN A VULNERABILITY MANAGEMENT PROGRAM
Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications
IMPLEMENT STRONG ACCESS CONTROL MEASURES
Requirement 7: Restrict access to card holder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to card holder data
REGULARLY MONITOR AND TEST NETWORKS
Requirement 10: Track and monitor all access to network resources and card holder data
Requirement 11: Regularly test security systems and processes
MAINTAIN AN INFORMATION SECURITY POLICY
Requirement 12: Maintain a policy that addresses information security