Build and Maintain a Secure Network
-
Requirement 1:
Install and maintain a firewall configuration to protect cardholder data
-
Requirement 2:
Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
-
Requirement 3:
Protect stored cardholder data
-
Requirement 4:
Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
-
Requirement 5:
Use and regularly update anti-virus software
-
Requirement 6:
Develop and maintain secure systems and applications
Implement Strong Access Control Measures
-
Requirement 7:
Restrict access to cardholder data by business need-to-know
-
Requirement 8:
Assign a unique ID to each person with computer access
-
Requirement 9:
Restrict physical access to cardholder data
Regularly Monitor and Test Networks
-
Requirement 10:
Track and monitor all access to network resources and cardholder data
-
Requirement 11:
Regularly test security systems and processes
Maintain an Information Security Policy
-
Requirement 12:
Maintain a policy that addresses information security
