CWD White Paper Sample
Beginning in June of 2001, some of the major credit card companies began developing requirements in an effort to protect their cardholders’ data. By 2004 they had traded their individual policies for a common set of requirements and a single validation process for merchants and service providers. These requirements became known as the Payment Card Industry Data Security Standards (PCI DSS).
The PCI DSS was created to provide “an actionable framework for developing a robust account data security process -- including preventing, detecting and reacting to security incidents.” It sets about doing this by establishing 12 requirements for technology implementations and the methodologies needed for testing their effectiveness. These requirements fall under six “control objectives,” and, as a blueprint for effective data security, many agree that they’re best practices.
Build and Maintain a Secure Network
Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters