PCI DSS
ConfigScan’s Key Benefits for PCI DSS
- Automated analysis that quickly turns PCI DSS requirements into actionable network security remediation steps.
- Helps monitor network configurations for accurate and complete PCI DSS accountability.
- Speeds up regulatory compliance by providing auditors with detailed, relevant information and pre-defined or customized reports on access to payment card data.
The PCI DSS framework is divided into 12 security requirements, which VISA refers to as the ‘Digital Dozen’. They are organized in six categories as follows:
1. Build and maintain a secure network
Req #1: Install and maintain a firewall configuration to protect cardholder data
Req #2: Do not use vendor-supplied defaults for system passwords and other security parameters
2. Protect cardholder data
Req #3: Protect stored cardholder data
Req #4: Encrypt transmission of cardholder data across open, public networks
3. Maintain a vulnerability management program
Req #5: Use and regularly update anti-virus software or programs
Req #6: Develop and maintain secure systems and applications
4. Implement strong access control measures
Req #7: Restrict access to cardholder data by business need-to-know
Req #8: Assign a unique ID to each person with computer access
Req #9: Restrict physical access to cardholder data
5. Regularly monitor and test networks
Req #10: Track and monitor all access to network resources and cardholder data
Req #11: Regularly test security systems and processes
6. Maintain an information security policy


