Home > PCI Data Security Standard: 12-step program for compliance
Information Security magazine:
EMAIL THIS

PCI Data Security Standard: 12-step program for compliance

08 Jun 2006 | Information Security magazine

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

Unlike some government regulations, the PCI Data Security Standard is praised for its clarity. Here are the 12 basic requirements.

  1. Install and maintain a firewall configuration to protect data.
  2. Do not use vendor-supplied defaults for system passwords and other security parameters.
  3. Protect stored data.
  4. Encrypt the transmission of cardholder data and sensitive information across public networks.
  5. Use and regularly update antivirus software.
  6. Develop and maintain secure systems and applications.
  7. Restrict access to data by business need-to-know.
  8. Assign a unique ID to each person with computer access.
  9. Restrict physical access to cardholder data.
  10. Track and monitor all access to network resources and cardholder data.
  11. Regularly test security systems and processes.
  12. Maintain a policy that addresses information security.



Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
Compliance Regulations
The power of the ICO: Liabilities for a data security breach
Privacy, data protection must be built into system design, says ICO
Using ISO 27000 to comply with Data Protection Act principles
Latest U.K. data security laws get tough on fines, PETs and policies
Will the Data Handling Review improve government security practices?
The 'appropriate' way to comply with Data Protection Act 1998
Best practices: Handling compliance during a corporate merger
Information Commissioner turns up the heat on data breach culprits
Email confusion could look bad in court
Firms aim to achieve PCI compliance deadline, despite the cost

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
Basel II  (SearchSecurityUK.com)
EU Data Protection Directive  (SearchSecurityUK.com)
Financial Services Authority  (SearchSecurityUK.com)
UK Identity Cards Act  (SearchSecurityUK.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2008 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts