12 PCI Data Security Standard Requirements – All Must Be Met


There are 12 requirements that must be met by the merchant in order to be PCI Compliant, of which none are optional (in other words, every question must be answered “Yes”):

1.  Install and maintain a firewall configuration to protect cardholder data.

2.  Do not use vendor-supplied defaults for system passwords and other security parameters.

3.  Protect stored cardholder data.

4.  Encrypt transmission of cardholder data across open, public networks.

5.  Use and regularly update anti-virus software or programs.

6.  Develop and maintain secure systems and applications.

7.  Restrict access to cardholder data by business need to know.

8.  Assign a unique ID to each person with computer access.

9.  Restrict physical access to cardholder data.

10.  Track and monitor all access to network resources and cardholder data.

11.  Regularly test security systems and processes.

12.  Maintain a policy that addresses information security for all personnel.

These items are covered in detail by filling out all questions in the PCI SAQ questionnaire, which can be downloaded by clicking on the link (in order to be compliant, a merchant MUST answer “Yes” or “N/A” to all questions. “N/A” must include a reasonable explanation as to why the answer is “N/A”).

 PC Medics of Alabama has the staff and engineers to make your business meet all of the PCI SAQ requirements.  Contact us today to schedule your consultation.

PC Medics of Alabama • PO Box 26762 • Birmingham, Alabama 35260 • 205.201.0389 Voice • 928-244-4879 Fax • pcmdxal@gmail.com • www.pcmdx.net

 

©2013-2015 PC Medics of Alabama/PCMDX – An RFS Enterprises, LLC Company. Image courtesy of worradmu / FreeDigitalPhotos.net