| Build and Maintain a Secure Network |
| Requirements |
Solutions |
| Install and maintain a firewall configuration to protect cardholder data. |
-
- Professional Services
- Security Operations
|
|
| Do not use vendor-supplied defaults for system passwords and other security parameters. |
- Professional Services
- Vulnerability Scanning (Partner Solutions)
|
|
| Protect Cardholder Data |
| Protect stored cardholder data. |
- Professional Services
- Managed Intrusion Prevention and Detection (Partner solutions)
|
|
| Encrypt transmission of cardholder data across open, public networks. |
- Professional Services
- Security Operations
- Encrypted E-mail
|
|
| Maintain a Vulnerability Management Program |
| Use and regularly update anti-virus software or programs. |
|
| Develop and maintain secure systems and applications. |
- Professional Services
- Security Operations
|
|
| Implement Strong Access Control Measures |
| Restrict access to cardholder data by business need-to-know. |
- Professional Services for Access Management, etc.
- Security Monitoring
- Apere solution
|
|
| Assign a unique ID to each person with computer access. |
- Professional Services
- Security Monitoring
|
|
| Restrict physical access to cardholder data. |
|
| Regularly Monitor and Test Networks |
| Track and monitor all access to network resources and cardholder data. |
- Security Monitoring
- Log Retention
- Apere IMAG solution
|
|
| Regularly test security systems and processes |
- Professional Services
- Security Monitoring
|
|
| Maintain an Information Security Policy |
| Maintain a policy that addresses information security for employees and contractors. |
- Professional Services
- Security Monitoring
- Apere IMAG solution
|
|
