PCI DSS Consulting « IT Security Geeks

PCI DSS Consulting

The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide information security standard which was defined by the Payment Card Industry Security Standards Council (PCI SSC).

The PCI DSS is there to help prevent fraud and to aid in securing all online payment card transactions.

PCI DSS can be broken down into the following 12 security requirements:

1. Install and maintain a firewall configuration to protect cardholder data.

2. Do not use vendor-supplied defaults for system passwords and other security parameters.

3. Protect stored cardholder data.

4. Encrypt transmission of cardholder data across open, public networks.

5. Use and regularly update anti-virus software on all systems commonly affected by malware.

6. Develop and maintain secure systems and applications.

7. Restrict access to cardholder data by business need-to-know.

8. Assign a unique ID to each person with computer access.

9. Restrict physical access to cardholder data.

10. Track and monitor all access to network resources and cardholder data.

11. Regularly test security systems and processes.

12. Maintain a policy that addresses information security.

We are able to help you meet the PCI DSS requirements in a timely and efficient manner, and to recommend solutions that will not only help you obtain compliance but also strengthen the overall security posture of your organization.