8.2,Assign a unique ID to each person with computer access
8.3,Assign a unique ID to each person with computer access
2.4,Do not use vendor-supplied defaults for system passwords and other security parameters
9.5,Restrict physical access to cardholder data
9.6,Restrict physical access to cardholder data
9.7,Restrict physical access to cardholder data
9.8,Restrict physical access to cardholder data
9.9,Restrict access to cardholder data by business need to know
1.1.1,Install and maintain a firewall configuration to protect cardholder data
1.1.2,Install and maintain a firewall configuration to protect cardholder data
1.1.3,Install and maintain a firewall configuration to protect cardholder data
10.1,Track and monitor all access to network resources and cardholder data
12.10.5,Maintain a policy that addresses information security for all personnel
10.6,Track and monitor all access to network resources and cardholder data
1.2,Install and maintain a firewall configuration to protect cardholder data
2.2,Do not use vendor-supplied defaults for system passwords and other security parameters
7.1,Restrict access to cardholder data by business need to know
7.2,Restrict access to cardholder data by business need to know
9.3,Restrict access to cardholder data by business need to know
12.5.2,Maintain a policy that addresses information security for all personnel
6.1,Develop and maintain secure systems and applications
11.2,Regularly test security systems and processes
11.3,Regularly test security systems and processes
12.2,Maintain a policy that addresses information security for all personnel
12.10.1,Maintain a policy that addresses information security for all personnel
6.2,Develop and maintain secure systems and applications
6.5,Develop and maintain secure systems and applications
10.6.3,Track and monitor all access to network resources and cardholder data
5,Use and regularly update anti-virus software or programs
12.1,Maintain a policy that addresses information security for all personnel
1.1.5,Install and maintain a firewall configuration to protect cardholder data
7.3,Restrict access to cardholder data by business need to know
12.4,Maintain a policy that addresses information security for all personnel
12.6,Maintain a policy that addresses information security for all personnel
8.1.3,Assign a unique ID to each person with computer access
12.7,Maintain a policy that addresses information security for all personnel
9.1.1,Restrict access to cardholder data by business need to know
10.6.1,Track and monitor all access to network resources and cardholder data
10.6.2,Track and monitor all access to network resources and cardholder data
11.4,Regularly test security systems and processes
1,Install and maintain a firewall configuration to protect cardholder data
2,Do not use vendor-supplied defaults for system passwords and other security parameters
1.1,Install and maintain a firewall configuration to protect cardholder data
1.3,Install and maintain a firewall configuration to protect cardholder data
10.8,Track and monitor all access to network resources and cardholder data
9.5.1,Restrict access to cardholder data by business need to know
12.10.2,Maintain a policy that addresses information security for all personnel
12.10.6,Maintain a policy that addresses information security for all personnel
6.4.2,Develop and maintain secure systems and applications
8.7,Assign a unique ID to each person with computer access
9.6.1,Restrict access to cardholder data by business need to know
8.2.1,Assign a unique ID to each person with computer access
2.1,Do not use vendor-supplied defaults for system passwords and other security parameters
8.1,Assign a unique ID to each person with computer access
8.5,Assign a unique ID to each person with computer access
8.6,Assign a unique ID to each person with computer access
12.3,Maintain a policy that addresses information security for all personnel
7.1.4,Restrict access to cardholder data by business need to know
8.2.2,Assign a unique ID to each person with computer access
6.7,Develop and maintain secure systems and applications
8.4,Assign a unique ID to each person with computer access
9.9.3,Restrict access to cardholder data by business need to know
12.8.2,Maintain a policy that addresses information security for all personnel
12.9,Maintain a policy that addresses information security for all personnel
6.4.1,Develop and maintain secure systems and applications
6.3,Develop and maintain secure systems and applications
6.4,Develop and maintain secure systems and applications
6.6,Develop and maintain secure systems and applications
12.5,Maintain a policy that addresses information security for all personnel
12.8,Maintain a policy that addresses information security for all personnel
11.1.2,Regularly test security systems and processes
12.5.3,Maintain a policy that addresses information security for all personnel
9.9.1,Restrict access to cardholder data by business need to know
11.1.1,Regularly test security systems and processes
11.1,Regularly test security systems and processes
5.1,Use and regularly update anti-virus software or programs
5.1.1,Use and regularly update anti-virus software or programs
5.2,Use and regularly update anti-virus software or programs
1.4,Install and maintain a firewall configuration to protect cardholder data
1.1.6,Install and maintain a firewall configuration to protect cardholder data
1.2.3,Install and maintain a firewall configuration to protect cardholder data
2.2.2,Do not use vendor-supplied defaults for system passwords and other security parameters
2.1.1,Do not use vendor-supplied defaults for system passwords and other security parameters
4.1.1,"Encrypt transmission of cardholder data across open, public networks"
10.5.3,Track and monitor all access to network resources and cardholder data
1.1.4,Install and maintain a firewall configuration to protect cardholder data
1.3.2,Install and maintain a firewall configuration to protect cardholder data
1.3.3,Install and maintain a firewall configuration to protect cardholder data
1.3.4,Install and maintain a firewall configuration to protect cardholder data
1.3.5,Install and maintain a firewall configuration to protect cardholder data
12.6.1,Maintain a policy that addresses information security for all personnel
12.6.2,Maintain a policy that addresses information security for all personnel
12.10.4,Maintain a policy that addresses information security for all personnel
6.3.2,Develop and maintain secure systems and applications
6.5.1,Develop and maintain secure systems and applications
6.5.2,Develop and maintain secure systems and applications
6.5.3,Develop and maintain secure systems and applications
6.5.4,Develop and maintain secure systems and applications
6.5.5,Develop and maintain secure systems and applications
6.5.6,Develop and maintain secure systems and applications
6.5.7,Develop and maintain secure systems and applications
6.5.8,Develop and maintain secure systems and applications
6.5.9,Develop and maintain secure systems and applications
6.5.10,Develop and maintain secure systems and applications
12.10.3,Maintain a policy that addresses information security for all personnel
11.3.1,Regularly test security systems and processes
11.3.2,Regularly test security systems and processes
11.5,Regularly test security systems and processes
4.1,"Encrypt transmission of cardholder data across open, public networks"
3.4,Protect stored cardholder data
3.4.1 ,Protect stored cardholder data
2.2.1,Do not use vendor-supplied defaults for system passwords and other security parameters
10.2.1,Track and monitor all access to network resources and cardholder data
7.1.1,Restrict access to cardholder data by business need to know
7.1.2,Restrict access to cardholder data by business need to know
7.1.3,Restrict access to cardholder data by business need to know
1.2.2,Install and maintain a firewall configuration to protect cardholder data
8.1.8,Assign a unique ID to each person with computer access
1.3.1,Install and maintain a firewall configuration to protect cardholder data
1.2.1,Install and maintain a firewall configuration to protect cardholder data
2.2.5,Do not use vendor-supplied defaults for system passwords and other security parameters
8.1.1,Assign a unique ID to each person with computer access
8.1.4,Assign a unique ID to each person with computer access
2.3,Do not use vendor-supplied defaults for system passwords and other security parameters
8.3.2,Assign a unique ID to each person with computer access
8.3.1,Assign a unique ID to each person with computer access
11.2.1,Regularly test security systems and processes
10.7,Track and monitor all access to network resources and cardholder data
10.2,Track and monitor all access to network resources and cardholder data
10.3,Track and monitor all access to network resources and cardholder data
10.4,Track and monitor all access to network resources and cardholder data
10.2.2,Track and monitor all access to network resources and cardholder data
10.2.4,Track and monitor all access to network resources and cardholder data
10.2.5,Track and monitor all access to network resources and cardholder data
10.5.4,Track and monitor all access to network resources and cardholder data
12.10.5 ,Maintain a policy that addresses information security for all personnel
12.3.10,Maintain a policy that addresses information security for all personnel
12.3.8,Maintain a policy that addresses information security for all personnel
12.3.9,Maintain a policy that addresses information security for all personnel
8.1.5,Assign a unique ID to each person with computer access
8.5.1,Assign a unique ID to each person with computer access
10.9,Track and monitor all access to network resources and cardholder data
12.11,Maintain a policy that addresses information security for all personnel
"3,1",Protect stored cardholder data
9.9.2,Restrict access to cardholder data by business need to know
3.1,Protect stored cardholder data
11.5.1,Regularly test security systems and processes