The Payment Card Industry Data Security Standard (PCI DSS) is a comprehensive standard intended to help organizations protect customer account data. The requirements of this standard are organized around specific elements, each containing a number of mandates and sub-mandates that need to be complied to, either through internal procedures or through the use of technology. Over recent years, security market leaders have identified which of their products can be used to meet these PCI DSS mandates. The matrix below summarizes how product vendors listed in Computime’s IT Security portfolio can help organizations to comply with these specific mandates.
Below is an outline of the top-level requirements from Version 1.2 of the PCI Standards; for more detailed information, please log on to https://www.pcisecuritystandards.org/
Requirement 1
Install and maintain a firewall configuration to protect cardholder data
Requirement 2
Do not use vendor-supplied defaults for system passwords and other security parameters
Requirement 3
Protect stored cardholder data
Requirement 4
Encrypt transmission of cardholder data across open, public networks
Requirement 5
Use and regularly update anti-virus software or programmes
Requirement 6
Develop and maintain secure systems and applications
Requirement 7
Restrict access to cardholder data by business need to know
Requirement 8
Assign a unique ID to each person with computer access
Requirement 9
Restrict physical access to cardholder data
Requirement 10
Track and monitor all access to network resources and cardholder data
Requirement 11
Regularly test security systems and processes
Requirement 12
Maintain a policy that addresses information security for employees and contractors
Click here to see a full list of Computime’s products, and the PCI mandate which they cater for.