Payment Card Industry (PCI)
data Security Standard Checklist
- Build and Maintain a Secure Network
- Requirement 1: Install and maintain a firewall configuration to protect data
- Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
- Protect Cardholder Data
- Requirement 3: Protect stored data
- Requirement 4: Encrypt transmission of cardholder data and sensitive information across public networks
- Maintain a Vulnerability Management Program
- Requirement 5: Use and regularly update anti-virus software
- Requirement 6: Develop and maintain secure systems and applications
- Implement Strong Access Control Measures
- Requirement 7: Restrict access to data by business need-to-know
- Requirement 8: Assign a unique ID to each person with computer access
- Requirement 9: Restrict physical access to cardholder data
- Regularly Monitor and Test Networks
- Requirement 10: Track and monitor all access to network resources and cardholder data
- Requirement 11: Regularly test security systems and processes.
- Maintain an Information Security Policy
- Requirement 12: Maintain a policy that addresses information security
