Compliance
Requirements:
- Firewalls and User Identification
- Encrypted VPN (Virtual Private Network)
- Offsite, Tier-4 Back-up
- Multi-Factor Authentication
- Private Hosting Environment and Physical Safeguarding
- SSL Certificates
- Proper Data Disposal
Requirements:
- Install and maintain a firewall configuration to protect cardholder data.
- Do not use vendor-supplied defaults for system passwords and other security parameters.
- Protect stored cardholder data.
- Encrypt transmission of cardholder data across open, public networks.
- Use and regularly update anti-virus software.
- Develop and maintain secure systems and applications.
- Restrict access to cardholder data by business need-to-know.
- Assign a unique ID to each person with computer access.
- Restrict physical access to cardholder data.
- Track and monitor all access to network resources and cardholder data.
- Regularly test security systems and processes.
- Maintain a security policy and ensure that all personnel are aware of it.
Terms & Conditions:
Since 2010, PCG has held over 60 Information Technology Staff Augmentation contracts, providing services to government and private entities alike.