PCI DSS REQUIREMENTS

The PCI Data Security Standard consists of 12 requirements that have been laid down under 6 different categories.

 

Objectives and PCI-DSS Requirements

Build and Maintain a Secure Network and Systems
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program
- Protect all systems against malware and regularly update anti-virus software or programs
- Develop and maintain secure systems and applications

Implement Strong Access Control Measures
- Restrict access to cardholder data by business need to know
- Identify and authenticate access to system components
- Restrict physical access to cardholder data

Regularly Monitor and Test Networks
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes

Maintain an Information Security Policy
- Maintain a policy that addresses information security for all personnel