PCI DSS stands for Payment Card Industry Data Standard Security. At the end of 2004, Visa and MasterCard came together in order to enhance card security at industry levels. Visa and MasterCard were soon joined by other big brands like American Express.
PCI DSS is a set of principles and requirements around which businesses need to base their data security to become PCI Compliant:
Build and Maintain a Secure Network
Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications
Implement Strong Access Control Measures
Requirement 7: Restrict access to cardholder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data
Regularly Monitor and Test Networks
Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes
Maintain an Information Security Policy
Requirement 12: Maintain a policy that addresses information security
(PCI Security Standards Council (2006), About the PCI Data Security Standard (PCI DSS), Retrieved 14 September 2009 from www.pcisecuritystandards.org)
Being PCI-Compliant is mandatory for all industries that store, transmit or process card data whether electronically or manually. With the huge surge in black market card data and fraud instances, PCI-Compliance is now more important than ever. To find out how you can become PCI-Compliant with help from elitetele.com, call us on 0844 875 8880. We can help you make your card data 100% secure.
