Responsible Security and Responsible Disclosure: Why a VDP Matters
No organization has perfect security, so a VDP serves as one layer of many in a mature vulnerability management program. Learn about what a VDP…
Payment Card Industry Data Security Standard (PCI DSS) is the global industry standard set of policies and procedures intended to enhance data security for all organizations that process, store, or transmit cardholder data. It has been adopted by all the major payment card brands as the standard model of data security. It contains practical steps that mirror security best practices.
The PCI DSS version 3.0 specifies 12 requirements for compliance, organized into six logically related groups, which are called “goals.”
Requirement 1: Install and maintain a firewall and router configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks
Requirement 5: Protect all systems against malware and regularly update anti-virus software or programs
Requirement 6: Develop and maintain secure systems and applications
Requirement 7: Restrict access to cardholder data by business need to know
Requirement 8: Identify and authenticate access to system components
Requirement 9: Restrict physical access to cardholder data
Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes
Requirement 12: Maintain a policy that addresses information security for all personnel
No organization has perfect security, so a VDP serves as one layer of many in a mature vulnerability management program. Learn about what a VDP…
As regulations change, your company must deploy additional resources to understand the relevant rules in order to develop the appropriate workflows. With the systematic approach…
LogicGate's Senior Information Security Analyst, Anthony Matar, discusses the 3 most common policy management pitfalls and how to avoid them.