Install and maintain a firewall configuration to protect cardholder data, and do not use vendor-supplied defaults for system passwords and other security parameters.
Ensure sufficient protection of stored cardholder data, including encrypting the transmission of cardholder data across open, public networks.
Develop and maintain a vulnerability management program that includes using and regularly updating anti-virus software or programs and developing and maintaining secure systems and applications.
Access control measures to be deployed include restricting access to cardholder data by a need-to-know policy, assigning a unique ID to each person and restricting physical access to cardholder data.
Maintain records of all access to network resources and cardholder data and regularly test security systems and processes.
Ensure the implementation of a policy that addresses information security for employees and contractors.
Learn about the top 20 use cases for smart cloud security and what to consider in terms of functional and architectural requirements for each use case.Learn more