If your business handles payment card data, PCI DSS compliance isn't just a good idea—it's a requirement from the major card brands.
1. Build and Maintain a Secure Network
Install and maintain a firewall configuration to protect cardholder data. Change all vendor-supplied defaults for system passwords and other security parameters.
2. Protect Cardholder Data
Encrypt transmission of cardholder data across open, public networks. Protect stored cardholder data with strong encryption algorithms.
3. Maintain a Vulnerability Management Program
Use and regularly update anti-virus software or programs. Develop and maintain secure systems and applications.
4. Implement Strong Access Control Measures
Restrict access to cardholder data by business need-to-know. Assign a unique ID to each person with computer access.