What are the 12 PCI Requirements

1. Have Firewall
2. No Defaults
3. Protect Stored Data
   1. Hashing the entire PAN using strong cryptography while transferring
      
4. Encrypt Transmission of Data over network
5. Have Antivirus
6. Develop and Maintain Secure System and applications
7. Restrict access to card holder data - Role based access control.
   1. Restrict access to cardholder data by business need-to-know
8. Assign a Unique ID to each person with computer access
   1. A digital certificate is a valid for "something you have" as long as it is unique for a particular user.
   2. ​Identify and authenticate access to system components
9. Restrict Physical Access to Card Holder Data
10. Track and Monitor all access to cardholder data and networks resources 
11. Test Regularly
12. Have a policy
    1. Information Security Policies must be reviewed/updated Yearly to meet requirement.