Request a Quote
  • Customer Login
    • Remote Security
    • Merchant Compliance Program
Home Services Industry Resources PCI Compliance About Us Blog Contact
  • Home
  • Services
  • Industry Resources
    • Payment Card Industry (PCI)
    • Financial Services
      • Compliance Services
        • Basel II
        • CA SB 1386
        • Federal Financial Institutions Examinations Council (FFIEC)
        • Gramm-Leach-Bliley Act (GLBA)
        • Payment Card Industry (PCI)
        • Sarbanes-Oxley (SOX)
      • Testing & Review
      • Vulnerability Scanning
      • Internal Audit Outsourcing
    • Government & DOD
    • Healthcare
    • Schools & Universities
    • Legal
    • Public Companies
    • Public Utilities
  • PCI Compliance
  • About Us
  • Blog
  • Contact
Payment Card Industry (PCI)

The Payment Card Industry Data Security Standard (PCI DSS) was established by the PCI Security Standards Council to help organizations process payment card data in a secure environment to prevent credit card fraud. The PCI DSS increases security of credit card data by increasing data controls and its exposure to threads. The PCI standards apply to any organization which holds, processes, or passes cardholder information from any card brand.

The PCI DSS is organized into twelve security standard requirements under six functional areas as listed below:

Establish & Maintain a Secure Network

  • Requirement 1: Install and maintain a firewall configuration to protect cardholder data
  • Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

Secure Cardholder Data

  • Requirement 3: Protect stored cardholder data
  • Requirement 4: Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

  • Requirement 5: Use and regularly update anti-virus software
  • Requirement 6: Develop and maintain secure systems and applications

Implement Strong Access Control Measures

  • Requirement 7: Restrict access to cardholder data by business need-to-know
  • Requirement 8: Assign a unique ID to each person with computer access
  • Requirement 9: Restrict physical access to cardholder data

Regularly Monitor & Test Information Systems

  • Requirement 10: Track and monitor all access to network resources and cardholder data
  • Requirement 11: Regularly test security systems and processes

Maintain an Information Security Policy

  • Requirement 12: Maintain a policy that addresses information security

Each functional area, or control objectives, contains requirements that must be in place to meet the objective of the Payment Card Industry Data Security Standard.

Intersec Worldwide is an authorized Qualified Security Assessors Company (QSAC), able to meet all your PCI compliance needs. We have experience working with the largest merchants and card brands, making our assessors some of the most qualified in the industry. We can provide all services pertaining to PCI, from GAP Assessment and remediation to final reporting and certification. Our experience and expertise in the PCI Auditing process makes Intersec Worldwide the ideal choice for your payment card security needs.
 

Copyright @ 2012 Intersecworldwide. All rights reserved.
  • Home
  • Services
  • Industry Solutions
  • About Us
  • Contact