Payment Card Industry (PCI) Data Security Standard – PCI DSS – is a set of requirements designed to ensure that all companies involving in credit card transactions maintain a secure environment to eliminate the potential risk of data theft. The exponential growth in the on line business attracts never ending security issues and it warrants redefinition of PCI DSS standards on a regular basis.
SupportSages PCI compliance services help you to achieve the following twelve requirements to become a PCI DSS compliance entity.
BUILD AND MAINTAIN A SECURE NETWORKRequirement 1: Install and maintain a firewall configuration to protect card holder dataRequirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
PROTECT CARDHOLDER DATARequirement 3: Protect stored card holder dataRequirement 4: Encrypt transmission of card holder data across open, public networks
MAINTAIN A VULNERABILITY MANAGEMENT PROGRAMRequirement 5: Use and regularly update anti-virus softwareRequirement 6: Develop and maintain secure systems and applications
IMPLEMENT STRONG ACCESS CONTROL MEASURESRequirement 7: Restrict access to card holder data by business need-to-knowRequirement 8: Assign a unique ID to each person with computer accessRequirement 9: Restrict physical access to card holder data
REGULARLY MONITOR AND TEST NETWORKSRequirement 10: Track and monitor all access to network resources and card holder dataRequirement 11: Regularly test security systems and processes
MAINTAIN AN INFORMATION SECURITY POLICYRequirement 12: Maintain a policy that addresses information security