|
[PCI DSS 1.x] 12.3.10 When accessing cardholder data remotely via modem, prohibition of storage of cardholder data
|
|
1
|
3890
|
September 30, 2009
|
|
[PCI DSS 1.x] 6.3 Develop software applications in accordance with PCI DSS (for example, secure authenti
|
|
1
|
3374
|
September 7, 2009
|
|
[PCI DSS 1.x] 3.2.2 Do not store the card-verification code or value (three-digit or four-digit number p
|
|
1
|
5007
|
August 3, 2009
|
|
[PCI DSS 1.x] 1.3.4 Do not allow internal addresses to pass from the Internet into the DMZ.
|
|
3
|
8447
|
June 22, 2009
|
|
[PCI DSS 1.x] 6.5.7 Improper error handling
|
|
2
|
3852
|
June 14, 2009
|
|
[PCI DSS 1.x] 3.6.4 Periodic cryptographic key changes
|
|
1
|
7428
|
April 22, 2009
|
|
[PCI DSS 1.x] 11.1 Test security controls, limitations, network connections, and restrictions annually to assure t
|
|
2
|
4986
|
March 16, 2009
|
|
[PCI DSS 1.x] 10.2.1 All individual accesses to cardholder data
|
|
2
|
5307
|
August 8, 2008
|
|
[PCI DSS 1.x] 1.3.8 Implement IP masquerading to prevent internal addresses from being translated and re
|
|
1
|
4369
|
June 3, 2008
|
|
[PCI DSS 1.x] 8.5.8 Do not use group, shared, or generic accounts and passwords
|
|
1
|
6439
|
February 12, 2008
|
|
[PCI DSS 1.x] A.1.4 Enable processes to provide for timely forensic investigation in the event of a compromise to
|
|
0
|
11213
|
March 18, 2007
|
|
[PCI DSS 1.x] A.1.3 Ensure logging and audit trails are enabled and unique to each entity's cardholder data enviro
|
|
0
|
2525
|
March 18, 2007
|
|
[PCI DSS 1.x] A.1.2 Restrict each entity's access and privileges to own cardholder data environment only
|
|
0
|
2557
|
March 18, 2007
|
|
[PCI DSS 1.x] A.1.1 Ensure that each entity only has access to own cardholder data environment
|
|
0
|
2366
|
March 18, 2007
|
|
[PCI DSS 1.x] A.1 Protect each entity's (that is merchant, service provider, or other entity) hosted environment a
|
|
0
|
3372
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10.4 Connect and disconnect entities by following an established process
|
|
0
|
3034
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10.2 Ensure proper due diligence is conducted prior to connecting an entity
|
|
0
|
2847
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10.1 Maintain list of connected entities
|
|
0
|
3248
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10 All processors and service providers must maintain and implement policies and procedures to ma
|
|
0
|
2931
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.6 Develop process to modify and evolve the incident response plan according to lessons learned
|
|
0
|
2143
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.5 Include alerts from intrusion detection, intrusion prevention, and file integrity monitoring
|
|
0
|
3289
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.4 Provide appropriate training to staff with security breach response responsibilities
|
|
0
|
2525
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.3 Designate specific personnel to be available on a 24/7 basis to respond to alerts
|
|
0
|
1632
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.2 Test the plan at least annually
|
|
0
|
1682
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.1 Create the incident response plan to be implemented in the event of system compromise. Ensure
|
|
0
|
4705
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9 Implement an incident response plan. Be prepared to respond immediately to a system breach.
|
|
0
|
2302
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.8.1 Service providers must adhere to the PCI DSS requirements
|
|
0
|
3197
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.8 If cardholder data is shared with service providers, then contractually the following is requir
|
|
0
|
2233
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.7 Screen potential employees to minimize the risk of attacks from internal sources.
For those em
|
|
0
|
2513
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.6.2 Require employees to acknowledge in writing that they have read and understood the company's
|
|
0
|
3561
|
March 18, 2007
|