What are the PCI DSS requirements and how do I become compliant?
Under the PCI DSS, merchants must prove they have implemented the following
security measures:
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open, public networks
- Use and regularly update anti-virus software on all systems commonly affected by malware
- Develop and maintain secure systems and applications
- Restrict access to cardholder data by business need-to-know
- Assign a unique ID to each person with computer access
- Restrict physical access to cardholder data
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
- Maintain a policy that addresses information security
These requirements can seem daunting and overly technical at first. However, there is one simple and cost-effective way of meeting most of these goals: NetComm’s NetAssure managed network service.