PCI Compliance Checklist

The PCI Security Standards Council has outlined 12 requirements that are essential for PCI compliance.

A brief checklist of these 12 requirements is found below. Please note that 1 Stop PCI Scan is an Approved Scanning Vendor and is able to assist businesses in complying with requirement 11, requiring quarterly external vulnerability scans every year. We are also qualified to assist with penetration testing and internal vulnerability scanning.

A brief PCI Compliance checklist:

Use a firewall between the public network and the payment card data. Keep the firewall updated.
Do not use vendor-supplied default passwords that come with network equipment or devices used in payment processing. Change the vendor-supplied passwords immediately.
If you can at all avoid it, do not store cardholder data. If you have a business need to keep cardholder data, ensure that is is protected through strong encryption.
Use encryption to protect all transmission of cardholder data over any public network.
Use antivirus software on all machines in the cardholder data environment and ensure that the software is updated.
Check that your card processing applications and systems have vendor-supplied security patches installed.
Limit access to cardholder data to as few individuals as possible.
Assign a unique identification (ID) to each user so that everyone is accountable for their own actions in the cardholder data environment.
Physical access to the cardholder data environment should be restricted.
Monitor all access to the network and cardholder data environment.
Regularly test your security systems and your network environment. 1 Stop PCI Scan is certified to assist in this requirement.
Yearly penetration testing is required for many businesses. Click here for more information on this requirement.
Quarterly external and internal scanning is required for many businesses. Click here for more information on internal scanning.
Maintain a security policy and ensure that all personnel are aware of the security policy.

Greater detail regarding PCI Compliance can be found at the PCI Security Standards website in the PCI DSS v3.0 document.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

PCI Compliance Checklist

A brief PCI Compliance checklist:

Signup Now And Get Started

More

CONTACT

MEET US

LEGAL