| PCI Data Security Standard |
| Build and Maintain a Secure Network |
- Install and maintain a firewall configuration to
protect data
- Do not use vendor-supplied defaults for system
passwords and other security parameters
|
| Protect Cardholder Data |
- Protect stored data
- Encrypt transmission of cardholder data and
sensitive information across public networks
|
| Maintain a Vulnerability Management Program |
- Use and regularly update anti-virus software
- Develop and maintain secure systems and applications
|
| Implement Strong Access Control Measures |
- Restrict access to data by business need-to-know
- Assign a unique ID to each person with computer
access
- Restrict physical access to cardholder data
|
| Regularly Monitor and Test Networks |
- Track and monitor all access to network resources
and cardholder data
- Regularly test security systems and processes
|
| Maintain an Information Security Policy |
- Maintain a policy that addresses information
security
|
