PCI DSS Requirements

Build and Maintain a Secure Network

Requirement 1: Install and maintain a firewall configuration to protect cardholder data

Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters


Protect Cardholder Data

Requirement 3: Protect Stored cardholder data

Requirement 4: Encrypt transmission of cardholder data across open, public networks


Maintain a Vulnerability Management Program

Requirement 5: Use and regularly update anti-virus software

Requirement 6: Develop and maintain secure systems and applications


Implement Strong Access Control Measures

Requirement 7: Restrict access to cardholder data by business need-to-know

Requirement 8: Assign a unique ID to each person with computer access

Requirement 9: restrict physical access to cardholder data


Regularly Monitor and Test Networks

Requirement 10: Track and monitor all access to network resources and cardholder data

Requirement 11: Regularly test security systems and processes


Maintain an Information Security Policy

Requirement 12: Maintain a policy that addresses information security