PCI:: Difference between revisions

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search
No edit summary
No edit summary
Line 10: Line 10:
<br>
<br>
'''Maintain a Vulnerability Management Program'''  
'''Maintain a Vulnerability Management Program'''  
* [[PCI 5:|'''Requirement 5: Use and regularly update anti-virus software Requirement 6: Develop and maintain secure systems and applications  
* [[PCI 5:|'''Requirement 5: Use and regularly update anti-virus software.''']]
Implement Strong Access Control Measures.''']]
* [[PCI 6:|'''Requirement 6: Develop and maintain secure systems and applications and implement Strong Access Control Measures.''']]
* [[PCI 7:|'''Requirement 7: Restrict access to data by business need-to-know.''']]
* [[PCI 7:|'''Requirement 7: Restrict access to data by business need-to-know.''']]
* [[PCI 8:|'''Requirement 8: Assign a unique ID to each person with computer access.''']]   
* [[PCI 8:|'''Requirement 8: Assign a unique ID to each person with computer access.''']]   

Revision as of 12:44, 26 June 2006

Payment Card Industry PCI, VISA CISP

Build and Maintain a Secure Network


Protect Cardholder Data


Maintain a Vulnerability Management Program


Regularly Monitor and Test Networks


Maintain an Information Security Policy




  • Note that these Payment Card Industry (PCI) Data Security Requirements apply to all Members, merchants, and service providers that store, process or transmit cardholder data. Additionally, these security requirements apply to all “system components” which is defined as any network component, server, or application included in, or connected to, the cardholder data environment. Network components, include, but are not limited to, firewalls, switches, routers, wireless access points, network appliances, and other security appliances. Servers include, but are not limited to, web, database, authentication, DNS, mail, proxy, and NTP. Applications include all purchased and custom applications, including internal and external (web) applications.


--Mdpeters 07:50, 26 June 2006 (EDT)