Passing PCI audits can be a painful experience, but it doesn’t have to be that way. Tripwire solutions are used by eight of the top ten global retailers and we’ve helped thousands of customers achieve and maintain PCI compliance since version one of the PCI regulations.
Aaron Warner, Systems Engineer Manager at Tripwire, shows you how to:
-Avoid the top three mistakes of PCI compliance audits
-Build audit-ready PCI reports with less effort
-Stay PCI compliant once you’ve passed an audit
4. 1: Build and
Maintain a
Secure Network
2: Protect
Cardholder Data
3: Maintain a
Vulnerability
Management
Program
4: Implement
Strong Access
Control Measures
5: Regularly
Monitor and Test
Networks
6: Maintain an
Information
Security Policy
Requirement 1:
Install and maintain a
firewall configuration
to Protect Cardholder
Data
Requirement 3:
Protect stored
cardholder data
Requirement 5:
Protect all systems
against malware and
regularly update anti-
virus software or
programs
Requirement 7:
Restrict access to
cardholder data by
business need to
know
Requirement 10:
Track and monitor
all access to
network resources
and cardholder data
Requirement 12:
Maintain a policy that
addresses information
security for all
personnel
Requirement 2:
Do not use vendor-
supplied defaults for
system passwords
and other security
parameters
Requirement 4:
Encrypt transmission
of cardholder data
across open, public
networks
Requirement 6:
Develop and maintain
secure systems and
applications
Requirement 8:
Identify and
authenticate access
to system
components
Requirement 11:
Regularly test
security systems
and processes
Requirement 9:
Restrict physical
access to cardholder
data
Validates
Provides
Supports