


What is PCI-DSS Compliance?


PCI-DSS is an information processing standard that provides a framework for protecting payment card transactions and cardholder details from fraudsters. It specifies a set of baseline measures you must put in place to help minimize the risk of cardholder data compromise.


Who needs to be PCI-DSS compliant?


The standard applies to any business or organization that accepts or processes card payments. It therefore predominantly affects retail businesses and any company that provides software or hardware used to process transactions.


What are the 12 requirements of PCI-DSS Compliance?


PCI-DSS specifies twelve technical and operational requirements, as follows:

  1. Install and Maintain a Firewall Configuration to Protect Cardholder Data 
  2. Do Not Use Vendor-Supplied Defaults for System Passwords and Other Security Parameters 
  3. Protect Stored Cardholder Data 
  4. Encrypt Transmission of Cardholder Data across Open, Public Networks 
  5. Use and Regularly Update Antivirus Software or Programs 
  6. Develop and Maintain Secure Systems and Applications 
  7. Restrict Access to Cardholder Data by Business Need to Know 
  8. Assign a Unique ID to Each Person with Computer Access 
  9. Restrict Physical Access to Cardholder Data 
  10. Track and Monitor All Access to Network Resources and Cardholder Data 
  11. Regularly Test Security Systems and Processes
  12. Maintain a Policy That Addresses Information Security for Employees and Contractors

If you need more info about these services, please contact us.