Security Investigate

Supporting Compliance With Payment Card Industry Data Security Standard (PCI-DSS)

Download now Free registration required

Executive Summary

The majority of the PCI-DSS requirements relate to network security. On the one hand, they are designed to ensure that network security practices eliminate or minimize known risks. On the other hand, they ensure that the organization defines well-structured policies, procedures and practices that can be tracked and audited. Data is only as secure as the pathways that provide access to it. PCI-DSS requires firewalls to limit external access to sensitive data, combined with a formal process for monitoring all changes to firewall configuration. The standard defines a number of aspects of firewall operations that must be tracked and audited regularly, including clear definitions of roles and responsibilities.

  • Format: PDF
  • Size: 327.9 KB