PCI Compliance
Keeping Our Customers & Our Customers' Customers Safe.
The PCI Data Security Standard
With over 250 sub-requirements, the PCI DSS can be sorted at a high level into six goals and 12 main requirements.

Six Goals, 12 Requirements

Goals and PCI DSS Requirements

Goal: Build and Maintain a Secure Network and Systems
1: Install and maintain a firewall configuration to protect cardholder data
2: Do not use vendor-supplied defaults for system passwords and other security parameters

Goal: Protect Cardholder Data
3: Protect stored cardholder data (1-way tokens!)
4: Encrypt transmissions of cardholder data across open, public networks

Goal: Maintain a Vulnerability Management Program
5: Protect all systems against malware and regularly update anti-virus software or programs
6: Develop and maintain secure systems and applications

Goal: Implement Strong Access Control Measures
7: Restrict access to cardholder data by business need-to-know
8: Identify and authenticate access to system components
9: Restrict physical access to cardholder data

Goal: Regularly Monitor and Test Networks
10: Track and monitor all access to network resources and cardholder data
11: Regularly test security systems and processes

Goal: Maintain an Information Security Policy
12: Maintain a policy that addresses information security for all personnel
JUNE 30th 2018 DEADLINE:
https://blog.pcisecuritystandards.org/webinar-ssl-and-early-tls-migration-preparing-for-30-june-deadline