What Does Payment Card Industry Data Security Standard (PCI DSS) Mean?
The payment card industry data security standard is a proprietary standard for all organizations that process, transmit, or store payment cardholder data.
Techopedia Explains Payment Card Industry Data Security Standard (PCI DSS)
The payment card industry data security standard is managed by the payment card industry standards council. Compliance by organizations is validated through a periodic network scan as well as through an annual security audit.
Requirement 1: Installing and maintaining a firewall configuration in order to protect data.
Requirement 2: Avoiding vendor-supplied defaults for security parameters and system passwords.
Requirement 3: Protecting the data which is stored.
Requirement 4: All sensitive information and cardholder data need to be encrypted before transmission across public networks.
Requirement 5: Anti-virus software needs to be used and regularly updated.
Requirement 6: Secure systems and applications need to be developed and maintained.
Requirement 7: Restriction of data with proper access controls.
Requirement 8: Providing a unique ID for each user with computing access.
Requirement 9: Restricting physical access to cardholder data.
Requirement 10: All access to cardholder data and resources in the network needs to be monitored and tracked.
Requirement 11: Periodic testing of security processes and environments.
Requirement 12: Maintenance of policy standards that help address all information security related processes and issues.