- Have Firewall
- No Defaults
- Protect Stored Data
- Hashing the entire PAN using strong cryptography while transferring
- Encrypt Transmission of Data over network
- Have Antivirus
- Develop and Maintain Secure System and applications
- Restrict access to cardholder data - role-based access control.
- Restrict access to cardholder data by business need-to-know
- Assign a Unique ID to each person with computer access
- A digital certificate is valid as "something you have" as long as it is unique to a particular user.
- Identify and authenticate access to system components
- Restrict Physical Access to Cardholder Data
- Track and Monitor all access to cardholder data and network resources
- Test Regularly
- Have a policy
- Information security policies must be reviewed/updated yearly to meet the requirement.