PCI DSS

All entities that transmit, process or store payment card data must be compliant with the Payment Card Industry Data Security Standard, known as PCI DSS. This comprehensive standard is intended to help organizations proactively protect customer account data.

PCI DSS was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis. It is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures.

Current PCI DSS documents, including the standards text, self-assessment questionnaires and prioritized compliance approach, are available in our PCI DSS Compliance Library.

How USDN Can Assist Your Organization with PCI DSS Compliance

USDN can help clients prepare for compliance with PCI DSS through the following methodology:

  • Perform testing of the client's current compliance status with respect to the following 12 PCI requirements:
    • Requirement 1: Install and maintain a firewall configuration to protect data - Including all 10 testing points and data collection evaluations
    • Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters - Including all 6 testing points and data collection evaluations
    • Requirement 3: Protect stored data - Including all 6 testing points and data collection evaluations
    • Requirement 4: Encrypt transmission of cardholder data and sensitive information across public networks - Including all 5 testing points and data collection evaluations
    • Requirement 5: Use and regularly update anti-virus software - Including 1 testing point
    • Requirement 6: Develop and maintain secure systems and applications - Including all 8 testing points and data collection evaluations
    • Requirement 7: Restrict access to data by business need-to-know - Including 1 testing point
    • Requirement 8: Assign a unique ID to each person with computer access - Including all 11 testing points and data collection evaluations
    • Requirement 9: Restrict physical access to cardholder data - Including all 7 testing points and data collection evaluations
    • Requirement 10: Track and monitor all access to network resources and cardholder data - Including all 5 testing points and data collection evaluations
    • Requirement 11: Regularly test security systems and processes - Including all 4 testing points and data collection evaluations
    • Requirement 12: Maintain a policy that addresses information security - Including all 11 testing points and data collection evaluations
  • Compile gap analysis based on test findings
  • Provide remediation plan
  • Implement remediation solutions

Contact Us

For more information on how USDN can help your organization with its PCI DSS needs, please contact us by e-mail or call (866) 930-4312 (Toll Free).