PCI:

From HORSE - Holistic Operational Readiness Security Evaluation.
Revision as of 12:44, 26 June 2006 by Mdpeters (talk | contribs)
Jump to navigation Jump to search

Payment Card Industry PCI, VISA CISP

Build and Maintain a Secure Network


Protect Cardholder Data


Maintain a Vulnerability Management Program


Regularly Monitor and Test Networks


Maintain an Information Security Policy




  • Note that these Payment Card Industry (PCI) Data Security Requirements apply to all Members, merchants, and service providers that store, process or transmit cardholder data. Additionally, these security requirements apply to all “system components” which is defined as any network component, server, or application included in, or connected to, the cardholder data environment. Network components, include, but are not limited to, firewalls, switches, routers, wireless access points, network appliances, and other security appliances. Servers include, but are not limited to, web, database, authentication, DNS, mail, proxy, and NTP. Applications include all purchased and custom applications, including internal and external (web) applications.


--Mdpeters 07:50, 26 June 2006 (EDT)