Negative media coverage, a loss of customer confidence, and the resulting loss in sales can cripple a business. As a result, all entities that handle credit cardholder information are being challenged to adopt more effective data protection measures. The Payment Card Industry (PCI) Data Security Standard (DSS) was created to confront the rising threat to credit cardholder personal information. This compliance guide will provide readers with an overview of the requirements as well as suggested steps in achieving PCI compliance.
Below is a preview of this compliance guide—updated to include the new requirements outlined by PCI DSS version 3.0.
Negative media coverage, a loss of customer confidence, and the resulting loss in sales can cripple a business. As a result, all entities that handle credit cardholder information are being challenged to adopt more effective data protection measures. The Payment Card Industry Data Security Standard (PCI DSS) was created to protect credit cardholder data. The PCI DSS encompasses twelve requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures. These requirements are grouped into six major categories:
Build and maintain a secure network
Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
Protect cardholder data
Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks